The Noname Security 3.34 Update Includes Major Enhancements

This release introduces the Learning Center — a centralized hub with everything new users need to get started with Noname Security. The Learning Center offers all the information necessary to get going with our solution, including links to the redesigned setup experience, newly developed guided tours, training sessions, release notes, support, and more.

The new Learning Center will greatly accelerate and streamline your onboarding experience, helping you become more familiar with the platform, and ensuring you have all the resources you need at hand.

The Noname platform now offers interactive tutorials and guides within its user interface to help users understand essential platform features. These in-app learning guides provide concise explanations of relevant security concepts, highlighting the importance of the information displayed on each page. They also detail how to interact with the product and include links to documentation for further exploration.

For example, the interactive tutorials and guides can help users quickly grasp the difference between a "finding" and an "incident," demonstrate how to filter APIs on the inventory page, and explain how to interpret information about attackers. In this release, the guides also include short videos demonstrating how to use specific product features.

The Noname Security Remote Engine is now certified and available in the Red Hat Ecosystem Catalog. The Noname API Security Platform uses Remote Engines to analyze API traffic and generate highly accurate and comprehensive inventories. With this release, Remote Engines can be deployed in Red Hat OpenShift environments to process API traffic data, helping to identify API misconfigurations and runtime incidents.

This enhancement is especially beneficial for customers who work exclusively with Red Hat–certified vendors. They can now seamlessly analyze APIs directly within their OpenShift environments without having to transmit sensitive data externally. This not only improves security but also simplifies compliance with data privacy regulations.

Coverage Center is a new feature in Active Testing that provides practical guidance on how to fix issues in customers' environments and API testing configurations. This ensures that each API can be successfully executed and thoroughly tested.

Active Testing can detect vulnerabilities and design flaws in APIs by analyzing the underlying API business logic for comprehensive testing. However, incorrect configurations in the testing environment can affect Active Testing's analysis of the business logic and limit the scope of tests that can be performed.

By following the recommendations provided by Coverage Center, customers can resolve problems within their testing environment, enabling Active Testing to analyze the business logic effectively and increasing the number of APIs that can be comprehensively tested.

This capability enables you to define specific APIs that dynamically generate access tokens or API secrets, eliminating the reliance on static values. Integrating this functionality automates obtaining fresh credentials for each test to enhance the security and efficiency of the testing process.

This approach simplifies the management of authentication credentials and reduces the risks associated with static secret exposure. By ensuring that access tokens and API secrets are always up-to-date, this feature enables more secure and effective Active Testing, safeguarding the integrity and confidentiality of the API testing environment.

To learn more about using APIs for dynamic authentication, please see documentation.

Please review the release notes for additional information about the Noname Security 3.34 version.