New product features provide engineering teams with the data and application architecture context necessary to rapidly prioritize and fix critical threats before they impact the business
Bionic, the industry’s first Application Security Posture Management (ASPM) platform, today launched two new product features – Bionic Signals and Business Risk Scoring – to help engineers simplify the thousands of security vulnerabilities they manually triage each day. Bionic Signals ingest data from popular security tools to contextualize which vulnerabilities are critical threats to applications in production. Bionic Business Risk Scoring calculates the relative risk of an application based on the number of related vulnerabilities, their ability to compromise sensitive data through architecture dependencies, and their ability to be exploited within the architecture’s attack surfaces. Together, these capabilities provide engineering teams with the rich data, visibility, and context necessary to rapidly prioritize and fix critical threats before they impact the business.
Shifting security left in CI/CD pipelines means engineers have multiple security tools for static code analysis, open-source libraries, pen-testing, container security, infrastructure-as-code, cloud security, and more. In large, modern, distributed, cloud applications these tools create significant exhaust fumes for engineers. This manual triage and toil results in hundreds of hours of lost engineering productivity each week, and also means critical threats get missed and exposed in production. To solve this, Bionic created Bionic Signals and Business Risk Scoring.
Bionic emerged from stealth in December 2020 with the world’s first ASPM solution – a new market category recently validated by Gartner – to give enterprises complete end-to-end application visibility and context. With Bionic Signals and Business Risk Scoring, Bionic is reinforcing its commitment to deliver cutting-edge security solutions that empower teams to prioritize and resolve threats in minutes instead of weeks, months, or never.
“The surge in applications and shift to continuous delivery are introducing new attack surfaces and attack vectors at an unimaginable rate. Most security tools today focus primarily on discovery, but without operational insights into critical exploitable business risks, all they provide is noise,” said Eyal Mamo, co-founder and CTO at Bionic. “Our next-gen application security platform discovers and visualizes all services, dependencies, APIs, and data flows. We then detect, score, and prioritize application risk so that teams can spend time fixing what needs to be fixed. That’s why the largest enterprises across nearly every industry are leveraging Bionic for ASPM.”
Bionic Signals
Security tool sprawl is a growing problem: According to Gartner, 78% of CISOs have 16 or more tools in their cybersecurity vendor portfolio, and 12% have 46 or more. Bionic Signals help customers correlate security data from virtually any source to better understand and contextualize how vulnerabilities are critical threats, thus reducing engineer triage and toil by up to 95%. Instead of engineers manually reviewing each tool and vulnerability, Bionic is able to automate this process across security tools, thus reducing the amount of vulnerabilities, false positives, and noise.
Bionic previously announced its first major signal integration with cloud security leader Wiz to unify cloud application security, and was recently named an inaugural technology partner within the Wiz Integration (WIN) Program. Today, Bionic is honoring its commitment to integrate with any security tool by unveiling a new signal integration with Sonatype IQ. With these integrations, Bionic customers see the power of Wiz and Sonatype right from the Bionic UI.
“Identifying and mitigating risk is a top priority for nearly every business. As organizations innovate with the cloud, they need to protect their cloud-based applications at the same pace that engineers ship code,” said Oron Noah, Director Product Management at Wiz. “Together, Bionic and Wiz bring unparalleled context to complex, chaotic cloud environments and applications. By integrating Wiz’s best-in-class cloud security platform with Bionic ASPM, we can enable visibility and context in complex cloud environments and applications.”
Bionic Signals helps customers correlate security signals across tools with greater accuracy to reduce noise from too many alerts across too many security tools. The new solution enriches customers’ understanding of threats with context from application and cloud security tools and measures the impact of other security tools on applications in production. Bionic will continue to add signals from partners to meet the growing demand for visibility into applications in production, better vulnerability context, and more accurate risk-based prioritization.
Bionic Business Risk Scoring
Determining what to fix – and what to fix first – is a challenge for today’s security teams. While risk-based prioritization is imperative for organizations to make well-informed decisions about security and prioritize their work, there are no current tools on the market that provide adequate context for automated risk assessment, prioritization, and remediation. Instead of engineers using CVSS scores to prioritize vulnerabilities, Bionic Business Risk Scoring expands this approach by understanding the business criticality of each vulnerability (e.g. what sensitive data can be exposed) and the architecture exploitability of each vulnerability (e.g. is the impacted service or API internet-facing).
Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!
