Apiiro and NetSPI Partner to Provide Contextual, Risk-Based Penetration Testing

Tel Aviv and Minneapolis, Minnesota  –  Apiiro, the industry’s first Code Risk Platform™, and NetSPI, the leader in penetration testing and attack surface management, today announced a strategic partnership to combine Apiiro’s comprehensive Application Risk Management capabilities with NetSPI’s Penetration Testing as a Service (PTaaS). The partnership enables contextual and risk-based application security testing for its mutual customers.

Organizations rely on penetration testing for releasing and maintaining secure applications. As a result of the partnership, NetSPI customers will be able to test their applications, networks, and cloud infrastructure at scale and manage their attack surfaces using risk visibility and context provided by Apiiro. NetSPI’s PTaaS will be supported by Apiiro’s comprehensive view of security and compliance risks and keen understanding of how to manage the complexities of a risk-based Secure Software Development Lifecycle (SSDLC).

To keep pace with the speed of software development today, both companies advocate for running penetration tests in a smart and consistent way. Instead of performing pentests on a set schedule, they should be performed continuously as high risk changes are identified in an environment. Apiiro helps focus pentests on material changes to application and infrastructure code, enabling organizations to target their security processes. Through this contextual approach to application pentesting, customers can better automate the testing process and identify business-critical security vulnerabilities. 

“Apiiro is pleased to be joining forces with NetSPI to provide our customers with next-gen context aware pen-testing capabilities that will reduce the friction between pen-testers and development teams and help deliver secure products faster. ” said Idan Plotnik, CEO at Apiiro. “We were impressed by NetSPI’s ability to swiftly identify areas of critical vulnerabilities, and deliver high quality results that allow their customers to have peace of mind and focus on their business priorities.”

“Applications are the lifeblood of organizations today. As application development accelerates, the way we approach security testing needs to evolve,” said Aaron Shilts, President and CEO at NetSPI. “NetSPI and Apiiro are changing the way security teams approach penetration testing. By providing real-time visibility into application attack surface changes, we can better enable continuous and contextual testing to help clients find, fix, and remediate their vulnerabilities faster.”

About Apiiro

Apiiro is the industry’s first Code Risk Platform™ to provide Application Risk Management with every change, from design to code to cloud. Apiiro is re-inventing the secure development lifecycle for Agile and cloud-native development and gives organizations a 360° view of security and compliance risks, from design to production, across applications, infrastructure, developers’ knowledge, and business impact. Apiiro is backed by Greylock and Kleiner Perkins.

About NetSPI

NetSPI is the leader in enterprise security testing and attack surface management, partnering with nine of the top 10 U.S. banks, three of the world’s five largest healthcare companies, the largest global cloud providers, and many of the Fortune® 500. NetSPI offers Penetration Testing as a Service (PTaaS) through its Resolve™ penetration testing and vulnerability management platform. Its experts perform deep dive manual penetration testing of application, network, and cloud attack surfaces, historically testing over 1 million assets to find 4 million unique vulnerabilities. NetSPI is headquartered in Minneapolis, MN and is a portfolio company of private equity firms Sunstone Partners, KKR, and Ten Eleven Ventures. Follow us on FacebookTwitter, and LinkedIn.

Apiiro Media Contact:
Kelly Hall
Offleash PR for Apiiro

NetSPI Media Contact:
Tori Norris, NetSPI
(630) 258-0277

Discover how the NetSPI BAS solution helps organizations validate the efficacy of existing security controls and understand their Security Posture and Readiness.