Soteri’s ‘Security for Bitbucket’ Now Faster by 10X

Soteri has made impressive enhancements to their Security for Bitbucket integration, giving users greater control over security audits.

LOS ANGELES, CALIFORNIA, UNITED STATES, September 9, 2022 /EINPresswire.com/ -- Representatives with Soteri announced today that the company has not only added some impressive enhancements to its Security for Bitbucket software (giving users greater control over their security scans, streamlining auditing, and improving performance) but has also made the software 10X faster.

Security for Bitbucket 4.0 is a major performance upgrade which can improve the speed of bulk scans by 10x or more (soteri.io/dramatic-performance-improvements-in-security-for-bitbucket-4-0). The improvement can be much higher for repositories with many branches or many forks.

“The new logic in Security for Bitbucket 4.0 detects and avoids re-scanning identical files shared between multiple branches of the same repository,” explains Mohammed Davoodi, CEO of Soteri. “For example, if a single file is modified in a repository with 100 branches all deriving from the main branch, then once main is scanned, scanning the additional 100 branches will be nearly instantaneous.

“Of course, the new logic takes your scan settings into account. For example, a previously scanned file would be re-scanned after a scanning rule is enabled, disabled, or modified. Sometimes, Security for Bitbucket will find issues that are false positives (or real credentials which have already been revoked). For these cases,” he notes, “there is now a ‘mark reviewed’ button next to each finding. Any reviewed findings are ignored in all current and future scans for that repository, without needing to commit to code.”

Davoodi points out that other recent Soteri enhancements to Security for Bitbucket have included:

 a project-level dashboard, providing project administrators a dashboard with similar functionality so that they may perform scans and obtain vulnerability reports for any repositories and branches in their own projects

 a repository-level dashboard for developers to scan and review their own repositories

 the ability to export reviewed findings — reviewed findings can be exported to a CSV file by selecting the appropriate option in the Export dropdown on any dashboard

 audit logging for app events (to help administrators keep track of various events, Security for Bitbucket places certain entries in Bitbucket’s Audit Log)

 notifications on scan completion

 the ability to bypass the security hook via a special string in the commit message

 new and updated built-in scan rules, making it faster than ever

 improved false positive filtering in the built-in rules

“It’s not only 10 times faster,” he says, “but if a scan is subsequently triggered via the Repository Scan Report page or the Global Scan Dashboard, the contents of the commit will be scanned. The bypass directive applies to the pre-receive hook only. Additionally, pushes with skipped hooks are logged so that they can be audited by security teams.”

For more information, please visit soteri.io.

About Soteri:

Soteri is the industry leader in protecting organizations from leaks, scanning internal services, and finding and flagging passwords, private keys, cloud credentials, and more.

Contact Details:

8726 S Sepulveda Blvd
Ste D #322
Los Angeles, CA 90045
United States

Mohammed Davoodi
Soteri
+1 540-250-5313