- TOP
- About
- Affiliated League
- Information
- Column
- Media Information
- Job Information
- League Report
- League Members
- Partners
-
公式X
Search League Members
Accounting DX Leader TOKIUM Adopts IssueHunt's ASPM Tool "Baseline" to Balance Development and Security ― Security Measures that "Blend In" with AI-Era Development; Building a System with Hands-On Support ―
On November 27, IssueHunt, Inc. (Headquarters: Chuo-ku, Tokyo; CEO: Kazumasa Yokomizo), known for operating bug bounty platforms, announced that its Application Security Posture Management (ASPM) tool, "Baseline," has been adopted by TOKIUM Inc. (Headquarters: Chuo-ku, Tokyo; Representative Director: Kenichi Kurosaki).
TOKIUM is a company that develops "Accounting DX" (Digital Transformation) services, such as expense settlement and invoice receipt processing. With this adoption, the company aims to achieve both a rapid development cycle and robust security.
■ Addressing Rising Risks Amid the Spread of AI Coding
At TOKIUM, the penetration of AI coding had brought to light risks where superficially understood code might pass through reviews, as well as the risk of oversight.
Determining that conventional vulnerability assessments conducted once a year were insufficient, they adopted "Baseline" to integrate security education and detection into their daily development cycle. The objectives are to enforce secure coding on a per-pull-request basis, provide immediate feedback for educational impact, and reduce the burden on reviewers.
■ Features of the Japan-Origin ASPM "Baseline"
"Baseline" is an ASPM service developed in Japan that integrates with vulnerability scanners and development tools to provide a unified visualization of product vulnerabilities and information assets.
Its features include "agentless implementation" for seamless integration with GitHub and AWS, "hands-on support" by experts, and "Japanese language explanations" for vulnerability information. TOKIUM cited the high cost-performance ratio and the extensive support provided from implementation to operational establishment as decisive factors in their choice.
■ ICT Startup League
This support program started in FY2023, initiated by the Ministry of Internal Affairs and Communications' "Strategic Information and Communications R&D Promotion Programme (SCOPE)."
The ICT Startup League supports startups through four main pillars:
1. R&D Funding / Hands-on Support
Up to 20 million JPY in research and development funding is provided as a subsidy. Additionally, in terms of hands-on support, the selection committee members who were involved in choosing the league members continue to stay close and promote growth after selection. For companies that committee members evaluated as "must-haves," a support system akin to "enthusiastic backing" (or "Oshi-katsu") is built, where the evaluators themselves provide continuous support, such as advice on business plans and offering growth opportunities.
2. Discovery & Cultivation
We provide opportunities for learning and networking to promote the business growth of league members.
We also expand our reach by discovering those who aim to start businesses in the future.
3. Competition & Co-creation
Designed as a place for positive competition like a sports league, startups learn together and improve through friendly rivalry, competing to win the necessary funding (up to 20 million JPY). We also provide a space for co-creation where league members can collaborate to expand their businesses through various opportunities, such as sessions with selection committee members.
4. Communication
We broadcast the initiatives of league members in collaboration with the media! By letting more people know about these businesses, we aim to expand the field for new matching and opportunities.
■ Related Websites
ICT Startup League
/
IssueHunt, Inc. (Official Site)
/
IssueHunt, Inc. (LEAGUE MEMBER)
/
TOKIUM Inc. (Official Site)
/
Original Press Release
