Unified Communications Industry News


TMCNet:  RingCentral Deploys Data Theorem to Automate Security Inspection of Modern Apps and Identify and Address Vulnerabilities Prior to Production

[December 13, 2018]

RingCentral Deploys Data Theorem to Automate Security Inspection of Modern Apps and Identify and Address Vulnerabilities Prior to Production

Data Theorem, Inc., a leading provider of modern application security, today announced that RingCentral (News - Alert) has deployed its automated API discovery and security inspection solution seamlessly into RingCentral's DevOps and continuous integration/continuous delivery (CI/CD) program to identify and address vulnerabilities in its modern application environment. As a result, RingCentral has found and fixed critical security flaws before releasing into production and closed more vulnerabilities faster than previously possible.

RingCentral, Inc. (NYSE: RNG) is a leading provider of global enterprise cloud communications and collaboration solutions empowering today's mobile and distributed workforce to communicate, collaborate, and connect from anywhere, on any device. RingCentral unifies voice, video, team messaging and collaboration, conferencing, online meetings, and integrated contact center solutions. Its open platform integrates with leading business apps and enables customers to easily customize business workflows. RingCentral is headquartered in Belmont, Calif., and has offices around the world.

"Data Theorem's analyzer engine is unique in its ability to deliver continuous, fully automated security for our mobile and API environment, which is very important to us," said Michael Machado, Chief Security Officer for RingCentral. "We want to ensure that our customers are communicating and collaborating in a secure ecosystem, and Data Theorem's testing of our mobile apps and APIs is an important part of our software security testing program."

Previously RingCentral used pen testing forgauging the security of its mobile apps. As the company's Unified Communications (News - Alert) as a Service (UCaaS) solutions evolved to heavily incorporate mobile applications, RingCentral needed a better solution for its product security activities that delivered scalable, flexible and continuous security testing of its mobile apps. While traditional pen testing is a relevant part of mature software security testing programs, its limitations include being slow and inefficient, and often results in only periodic, point-in-time testing.

"Data Theorem has proven very efficient and accurate in continuous testing of each mobile app release," said Machado. "It is an important component of our secure software development program. In addition to their security testing, which is industry leading, the Data Theorem team is a great partner to work with. They are extremely focused on making their customers successful - and this goes beyond their product, which is itself world class."

With Data Theorem, the RingCentral team receives fully automated security reviews of its apps in app stores. RingCentral's developers and security teams can log in at any time to check status, review flaws and alerts, and receive coding-level recommendations for how to address discovered issues. Apps are analyzed in pre-production, allowing critical issues to be detected and addressed prior to release, as well as tested in post-production. Data Theorem's App Secure product performs static and dynamic analysis on any iOS and Android (News - Alert) application in search of security vulnerabilities and privacy gaps.

"RingCentral is one of the world's leading providers of enterprise cloud communications and collaboration solutions, and we are pleased to work with them to help identify issues related to privacy and application-layer attacks," said Doug Dooley, Data Theorem COO. "Companies turn to Data Theorem to address threat models related to modern mobile applications with continuous mobile application and API security testing in production environments."

Data Theorem's API Discover and API Inspect together address security concerns such as Shadow APIs, Serverless Applications, and API Gateway (News - Alert) cross-check validation by conducting continuous security assessments on API authentication, encryption, source code, and logging. The API security solutions support Amazon's Lambda and API gateway tools to discover modern APIs and to enumerate the specification using standards such as Swagger and Open API 3.0.

About Data Theorem

Data Theorem is a leading provider of modern application security. Its core mission is to analyze and secure any modern application anytime, anywhere. The Data Theorem Analyzer Engine continuously scans APIs and mobile applications in search of security flaws and data privacy gaps. Data Theorem products help organizations build safer applications that maximize data security and brand protection. The company has detected more than 300 million application eavesdropping incidents and currently secures more than 4,000 modern applications for its enterprise customers around the world. Data Theorem is headquartered in Palo Alto (News - Alert), Calif.; with offices in New York; Paris, France; and Bangalore, India. For more information visit www.datatheorem.com.

Data Theorem and TrustKit are trademarks of Data Theorem, Inc. All other trademarks are the property of their respective owners.


[ Back To Unified Communications's Homepage ]