Application Vulnerability Correlation (AVC) stand for application security workflow and process management tools that aim to streamline software development life cycle (SDLC) application vulnerability remediation by incorporating findings from a variety of security-testing data sources into a centralized tool.
It is particular useful for provide “unified” len and perspective for both developer team and application security team (who perform application security audit and pentest) in communicate application vulnerability in the unified manner. It allow Dynamic Application Security Testing (DAST) vulnerability results scan, found and detect by security team import into application vulnerability correlation (AVC) system. Developer team import their application vulnerability scan, found and detect result into AVC for sharing and communicating with security team.
The benefits? Create a consolidated unified view of your applications vulnerabilities, AVC tools accelerate the remediation of vulnerable apps by fully automating the flow of app vulnerabilities between testing tools, centralized application security functions. This workflow automation is even more important with trend toward DevOps, Continuous Integration (CI), and Continuous Deployment (CD) adoption.
Settling on a common term (Application Vulnerability Correlation) provides common language between buyers and sellers that drives more efficient adoption of new technologies.
We will see the rise of AVC or changing terminology, but refer to the same matter in the coming time.
E-SPIN provide both dynamic application security testing (DAST), static application security testing (SAST), interactive application security testing (IAST), penetration testing, network, wireless, database, mobile app and enterprise vulnerability management solution for the enterprise and government customers, whether for national deployment facility or multi countries/regional or global vulnerability assessment center, cyber security lab, for those who are interest on the rising AVC, as part of our unified vulnerability management solution, please feel free to contact our consultant for the subject matters.