item 35058101


scinerio | 3 years ago

How does this compare with Semgrep, which to my understanding is the dominating open-source SAST offering to date?


gmontard | 3 years ago

I wouldn't say dominating tbh, but clearly one of the good solutions out there for sure.

Probably the biggest differentiator is our ability to detect sensitive data flows and map those to the different security findings. It allows finding unique risks such as sensitive data leaking into loggers, for example, but also dynamically prioritizing issues based on the type of sensitive data at risk, or even deciding it's not important if none is involved.

Let's say you're connecting to an insecure API: we're going to assess whether you're sending sensitive data there or not, and depending on that we'll change the priority of the risk. If none is involved it would be a low risk; if PHI is involved it would be critical.

For the rest, I'll let you be the judge of the UX, quality of findings, speed, etc.
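As an added illustration of the data-flow-based prioritization the comment above describes (example code written for this thread, not the commenter's product or any real tool), here is a toy Python analyzer: it tags values by a constructed field-name-to-data-class table (PHI, PII), propagates those tags through straight-line assignments and f-strings, and when a tagged value reaches a sink (a logger call, or an HTTP client call to a plain `http://` URL) it assigns a severity from the highest data class involved, dropping to "low" when nothing sensitive flows into an insecure call and not reporting a logger call at all when nothing sensitive reaches it. The field table, the sink list and the sample function are all constructed for the example; the analysis is deliberately simple (no branches, loops or inter-procedural flow, Python 3.9+ `ast` shapes).

```python
import ast
from dataclasses import dataclass

# Constructed classification table: terminal field name -> data class.
# A real tool would derive this from a schema or detectors; this is an assumption.
SENSITIVE_FIELDS = {"diagnosis": "PHI", "medication": "PHI", "ssn": "PII", "email": "PII"}
CLASS_RANK = {"PHI": 2, "PII": 1}                     # used to pick the worst class present
SEVERITY_BY_CLASS = {"PHI": "critical", "PII": "high"}  # anything else -> "low"


@dataclass
class Finding:
    line: int
    sink: str               # "logger" or "insecure_http"
    data_classes: frozenset  # data classes that reach the sink
    severity: str


def _field_names(node):
    """Yield attribute names, string subscript keys and variable names in an expression."""
    for sub in ast.walk(node):
        if isinstance(sub, ast.Attribute):
            yield sub.attr
        elif isinstance(sub, ast.Subscript) and isinstance(sub.slice, ast.Constant) \
                and isinstance(sub.slice.value, str):
            yield sub.slice.value
        elif isinstance(sub, ast.Name):
            yield sub.id


def _sink_kind(call):
    """Classify a call as a sink; chained calls like a().b() are not modelled (hypothetical sink list)."""
    f = call.func
    if not (isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name)):
        return None
    base, method = f.value.id, f.attr
    if base in ("logging", "logger", "log") and method in ("debug", "info", "warning", "error", "exception"):
        return "logger"
    if base in ("requests", "httpx") and method in ("get", "post", "put", "patch", "delete"):
        url = call.args[0] if call.args else None
        if isinstance(url, ast.Constant) and isinstance(url.value, str) and url.value.startswith("http://"):
            return "insecure_http"   # cleartext transport; https:// calls are not flagged
    return None


class FlowAnalyzer(ast.NodeVisitor):
    """Straight-line taint propagation: variable name -> set of data classes currently held."""

    def __init__(self):
        self.taint = {}
        self.findings = []

    def classes_of(self, expr):
        found = set()
        for name in _field_names(expr):
            if name in SENSITIVE_FIELDS:
                found.add(SENSITIVE_FIELDS[name])
            found |= self.taint.get(name, set())
        return found

    def visit_Assign(self, node):
        classes = self.classes_of(node.value)
        for target in node.targets:
            if isinstance(target, ast.Name):      # only simple `x = ...` targets are tracked
                self.taint[target.id] = classes   # reassignment replaces earlier tags
        self.generic_visit(node)

    def visit_Call(self, node):
        kind = _sink_kind(node)
        if kind:
            classes = set()
            for arg in node.args:
                classes |= self.classes_of(arg)
            for kw in node.keywords:
                classes |= self.classes_of(kw.value)
            # A logger receiving nothing sensitive is not a finding; an insecure call still is (low).
            if classes or kind == "insecure_http":
                worst = max(classes, key=CLASS_RANK.get, default=None)
                self.findings.append(Finding(node.lineno, kind, frozenset(classes),
                                             SEVERITY_BY_CLASS.get(worst, "low")))
        self.generic_visit(node)


def analyze(source):
    """Return findings for a module's source, in source order."""
    analyzer = FlowAnalyzer()
    analyzer.visit(ast.parse(source))
    return analyzer.findings


# Constructed sample under analysis (not real application code).
SAMPLE = '''import logging
import requests

def sync_patient(patient, user, page_size):
    logger = logging.getLogger(__name__)
    note = f"syncing {patient.diagnosis} for {user.email}"
    logger.info(note)
    requests.post("http://legacy.example/api", json={"ssn": user.ssn})
    requests.get("http://legacy.example/health", params={"page_size": page_size})
    logger.debug("page size %s", page_size)
'''

if __name__ == "__main__":
    for f in analyze(SAMPLE):
        print(f"line {f.line}: {f.sink} {sorted(f.data_classes)} -> {f.severity}")
```

Running it reports the `logger.info` as critical (PHI and PII reach it through `note`), the first `requests.post` as high (PII over cleartext HTTP), the health-check `requests.get` as low (insecure transport, nothing sensitive), and nothing for the `logger.debug` line, which is the "decide it's not important if none is involved" behaviour the comment describes.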

scinerio | 3 years ago

Interesting! Thanks for responding. Sounds like it's bridging SAST and threat modeling.