Spectral now part of Check Point’s CloudGuard to provide the industry’s most comprehensive security platform from code to cloud Read now

Spectral launches Spectral Logs to Ensure Sensitive Data Isn’t Accidentally Exposed

By Dotan Nahum July 15, 2021

Spectral Logs enables additional layer to existing protection of code and data to shield against breaches and ensure PCI DSS and GDPR compliance

TEL AVIV, Israel, July 14, 2021 /PRNewswire/ — Spectral, the developer-first cybersecurity company, today announced the release of Spectral Logs, a detection technology that ensures that sensitive user data and system information are not accidentally leaking into their log files.

The company’s highly regarded DevSecOps platform already scans code, data and configuration. Now, using the same proprietary technology and machine learning models, it’s possible to also discover mistakes in logs. Spectral code, data, and logs are not tightly coupled so users can secure one without the other to achieve full security through their CI/CD pipeline.

Spectral recognized the need for a new scanning solution specifically for logs when it witnessed how easily sensitive data inadvertently sprawled into the logs. The problem can occur, for instance, when services output sensitive information, such as passwords, personal data, or other sensitive information, to their logs by mistake while the original intent was to offer better operability.

To prevent problems, it’s vital that companies ensure their logs are clean before they ship them to the different cloud providers, including logs processing providers, to protect data, and also to comply with PCI DSS (Payment Card Industry Data Security Standard) and GDPR regulations, as well as other equivalent data protection regulations.

It is increasingly common for companies to ship their logs to the cloud. However, that may risk exposing sensitive information, such as secrets, passwords, medical data, and personal information on these logs,” said Dotan Nahum, CEO and founder of Spectral. “This data, if containing sensitive information, and now with 3rd party storage services, poses an immediate compliance risk that needs to be addressed, and this is often discovered too late.”

To solve for logs, you must also take into account performance and scale, because companies will not allow any delay in processing logs,” added CPO and co-founder Lior Reuven (previously part of the R&D leadership of Elastic, the company behind the ELK stack for logs). “Our technology is already perfectly positioned for this, and we’re proud to say that we’re seeing very little overhead in this area.”

Tel Aviv-based Spectral left stealth in February 2021 with $6.2M in funding for their developer-first code security scanner, which uses the first hybrid engine that combines hundreds of detectors with AI in order to find, prioritize and block costly coding mistakes. The DevSecOps startup was founded by Dotan Nahum, Uri Shamay, Idan Didi, and Lior Reuven.

About Spectral

Spectral is a lightning-fast, developer-first cybersecurity solution that acts as a control-plane over source code and other developer assets. It finds and protects against harmful security errors in code, configurations and other artifacts. Spectral employs the first hybrid scanning engine, combining AI and hundreds of detectors, ensuring developers can code with confidence while protecting companies from high-cost mistakes.

Related articles

4 Expert Tips for Data Center Security

4 Expert Tips for Data Center Security

In a market projected to grow to $288.30 billion by 2030, data centers will expand to facilitate more data-driven workloads, including AI and big data. Much

How to Run a SAST test: The Dev Tutorial

How to Run a SAST test: The Dev Tutorial

If you prioritize long-term security and success, you should be analyzing your applications from the inside out. Enter Static Application Security Testing (SAST), a proactive method

Top 8 Software Composition Analysis (SCA) Tools for 2023

Top 8 Software Composition Analysis (SCA) Tools for 2023

The software development landscape moves quickly. As organizations seek to innovate at increasing speed, developers find ways to develop and deploy digital apps faster. More than

Stop leaks at the source!