November 29, 2023 at 06:26PM
Piiano, a data protection firm, launched Piiano Flows, the first privacy-centric static code analyzer, offering free scans until year-end. Post the Duolingo leak, this tool helps security teams identify potential data leaks in source code, protecting sensitive information early in the development cycle.
Here are the clear takeaways from the Piiano press release:
1. Piiano has announced the launch of Piiano Flows, the first privacy-centric static code analyzer in the industry.
2. Piiano Flows is designed to automate and continuously analyze source code throughout the development process, with the aim of identifying and tracking the usage and storage of sensitive data.
3. The tool aims to help security teams take a proactive approach by shifting data security “left,” i.e., earlier in the development lifecycle.
4. Piiano Flows identifies potential data leaks in the source code, ensuring protection of sensitive information such as PII, credentials, and financial data before the code goes into production.
5. As an incentive, Piiano is offering free scans with Piiano Flows until the end of 2023.
6. The urgency of data protection is emphasized by recent high-profile data leaks, such as the Duolingo PII leak in August.
7. Piiano’s CEO, Gil Dabah, believes that security leaders need tools that allow them to focus on data security during development at scale.
8. An image included in the release likely shows statistics related to sensitive data gathered from analyzing a code repository.
9. Developers are identified as at risk of unintentionally exposing sensitive data, especially under stressful conditions without proper security expertise.
10. Justinian Fortenberry, CISO at Etsy and an advisor to Piiano, endorses Piiano Flows as a powerful and straightforward solution for enterprises.
11. Piiano Flows uses Piiano’s proprietary NLP ML model and taint analysis algorithms for mapping and highlighting any code that involves sensitive data.
12. The tool is described as easy to use with an intuitive interface and doesn’t require access to production environments or customer data, mitigating third-party risk.
13. Piiano positions its platform as a tool for app-sec and engineering teams to secure customer data and maintain privacy even in the event of a data breach, purportedly saving time, effort and resources for enterprises.