PRESS RELEASE. TEL AVIV, Israel, Nov. 29, 2023 - Piiano, the leading data protection company, today announced Piiano Flows, the industry's first privacy-centric static code analyzer. The company will offer free scans until the end of 2023. High-profile data leaks, including Duolingo's PII leak in late August, underscore the critical importance of data protection for businesses on a global scale. Flows automatically and continuously analyzes source code throughout development processes and tracks when, where and how sensitive data are being used and stored. This enables security teams to shift data security left with a more proactive approach. Piiano's tool finds potential data leaks inside source code and ensures that sensitive information, such as Personally Identifiable Information, credentials and financial information, are protected before faulty code reaches production. "Security leaders want to focus more on data security during development, but don't have the right tools to do so at scale and see what's happening with data in their code. Data vulnerabilities are even harder to hunt down after faulty code reaches production, which is why our tool nips the problem at the source," says Gil Dabah, co-founder and CEO of Piiano. Image shows sensitive data statistics gathered by analyzing a code repository. Developers are expected to work at a rapid pace and under a great deal of stress. Compounded by a lack of security expertise and orientation, they are prone to making errors through little fault of their own that can expose data at the code level-such as forgetting to remove debugging logs or inadvertently exposing sensitive data through public or third-party APIs. According to Justinian Fortenberry, CISO at Etsy and a board advisor to Piiano, "Piiano Flows is a very powerful and straightforward solution that, for the first time, enables enterprises to save time identifying potential data leaks during and after the application development process." Dabah likens Flows to a "SAST-type tool for proactive DPSM." The company's proprietary NLP ML model and taint analysis algorithms - a more accurate approach than more commonly used Large Language Models - maps and highlights any code that touches sensitive data, including incoming, outgoing and stored data, to help find data privacy and security issues and blind spots that can happen in runtime. Flows, available for free, is designed for quick and easy use with an intuitive interface for security teams. To eliminate third-party risk, it only requires access to code itself without ever accessing production environments or production data stores containing sensitive customer data. Piiano provides a data protection platform for app-sec and engineering teams to secure sensitive customer data and ensure their privacy - even in the event of a breach. Enterprises can scan their source code to find data leaks and similar data exposure issues and remediate them by securing the sensitive data by using its data protection APIs. With Piiano's building blocks, engineers and security leaders can save significant time, effort and resources while achieving true security without slowing down.
This Cyber News was published on www.darkreading.com. Publication date: Thu, 30 Nov 2023 20:25:01 +0000