PureSec's SSP is designed exclusively for serverless applications, and provides an end-to-end application security solution for serverless, which is tightly integrated into the CI/CD process.
PureSec SSP seamlessly integrates into your CI/CD process. During development and build time, serverless projects are statically scanned to pinpoint risks related to over-permissive IAM roles, insecure storage of application secrets, and known vulnerable 3rd. party dependencies. With PureSec SSP integrated into your CI/CD, you are guaranteed to ship robust serverless code at all times.
PureSec SSP provides automatic defense against application-layer attacks such as SQL injections, remote code execution, attempts to subvert function logic and unauthorized malicious actions. Protection is initiated when the function is invoked, where the serverless application firewall employs rigorous security algorithms to detect event-data injection attacks. Once event data is found to be legitimate, the functions is allowed to run, and a machine-learning based behavioral protection engine closely monitors function execution to detect unauthorized interactions and operation.
PureSec SSP integrates deep into your functions, providing unparalleled visibility into application layer attacks. See what your functions are doing in a way you've never seen before. For each security event, PureSec customers receive access to forensic data, allowing them to perform deep investigations into security incidents, in real time. PureSec SSP provides simple Integrations with existing SIEM solutions, so your DevSecOps teams can receive event information and notifications in the tools of their choice.