Platform
Code Tampering Prevention
| Find mismatches from the expected state at each point in the software pipeline. | |
| Identify anomalies in behavior as evidence for a potential security breach. | |
| Protect critical code against unintended changes. |
Find mismatches from the expected state at each point in the software pipeline.
Certain mismatches between data from tools across the supply chain may alert the organization of a potential issue that could be exploited by a bad actor. Examples of such mismatches include differences between IaC configurations and the settings at production, integrity failures like differences between files in the code repository and the build / CI systems, or changes in important files that should not change without notification, like installation scripts, CI configurations and pipelines or protection controls in tools.
Identify anomalies in behavior as evidence for a potential security breach.
Suspect activity, on the other way, might hold evidence that an actual breach took place. Imagine a resource like a organization's private code repository: clones from unintended users or from anomalous geographic locations, adding-and-removing permissions in a short time period, deleting branch protection rules, or using admin rights to merge code without review or with failed status checks, are examples of such anomalies.
Xygeni warns of such anomalies across the DevOps process, and signals any drift in sources and configurations along the chain.
Protect critical code against unintended changes.
Parts of software source code, like installation or upgrade scripts, build pipelines, or important configuration files should have changes blocked by default, and a strict procedure should be enforced for their modification. Xygeni helps with implementing such procedures and detecting any change in critical code not following them.
