elements. Testing from the outside-in 3. Dependency Scanning – inventory the dependencies for vulnerabilities or malicious binaries 4. Source code integrity and code signing – all contributors should have integrating them with our business logic. We inherit the vulnerabilities of these 3rd party components ii. Examine dependencies for known vulnerabilities and consolidate multiple versions of the same library 2014 Verizon PCI Data Breach Investigation Report – studies over 85K cardholder breaches. 10 vulnerabilities accounted for 97% of the exploits used. 8 of the 10 exploits were over 10 years old. i. ENSURE

Access Control (RBAC), continuous monitoring, signature-based continuous scanning using Common Vulnerabilities and Exposures (CVEs), runtime behavior analysis, and container policy enforcement.The security Analysis Artificial Intelligence (AI) service 5. DCAR for the hardened containers 6. Common Vulnerabilities and Exposures (CVE)Service / host-based security to provide CVEs for the security sidecar container