Application Security

New Relic Announces General Availability of Vulnerability Management

Enterprises can now manage security vulnerabilities as an integrated part of their observability practice with zero configuration visibility, open third party data integrations, new vulnerability testing capabilities, and an introductory promotional pricing offer

New Relic (NYSE: NEWR), the all-in-one observability platform for every engineer, announced the general availability of New Relic Vulnerability Management to provide customers with security monitoring, helping engineering teams identify and triage vulnerabilities across their tech stack, all in one place, now available for purchase until the end of January at a promotional rate. This includes new Interactive Application Security Testing (IAST) capabilities, added to New Relic with the acquisition of K2 Cyber Security, that enable teams to perform vulnerability testing without having to make any code changes or interrupting normal business operations. Vulnerability Management is available out of the box and available without additional configuration.

Vulnerability Management is a natural addition to New Relic’s existing 30+ observability capabilities and aligns with its vision of eliminating data, tool, and team silos. The solution integrates New Relic’s native vulnerability signals and third party security signals into its purpose-built Telemetry Data Platform to monitor and manage all enterprise telemetry data in one place. Development, security, and operations teams can now use one connected experience to manage application security issues and avoid switching between siloed tools. All of this is available as part of New Relic’s industry leading simple and transparent consumption pricing with a promotional offer to democratize observability and security for all engineers.

Today, DevOps teams work separately from security organizations, using different assessment tools and siloed data that can result in an incomplete picture of the vulnerability surface area of the software stack. This leaves many organizations struggling to protect their applications at the source code and runtime level. For example, security teams are still dealing with a critical flaw in the popular open-source logging tool Log4j more than a year after it was announced – of which 30% of instances remained vulnerable to exploitation. These types of vulnerabilities are challenging to locate and identify in the stack and can be so widespread that they can impact mission-critical software through unknown external dependencies. Vulnerability Management solves for this by providing visibility into an organization’s entire tech stack so they can identify vulnerabilities and protect their applications at every stage of the software development lifecycle.

“Maintaining application security is a critical part of the overall software developer workflow.” said New Relic CEO Bill Staples. “As a leader in observability, New Relic’s data-driven approach puts us in a unique position to provide security visibility across the entire enterprise tech stack. Our customers have been rapidly adopting the new Vulnerability Management capability while in preview and we are very excited to begin general availability at a promotional price, and simultaneously introduce new Vulnerability Testing capabilities in limited preview. ”

“Over 220 million Africans rely on our platform for their payment needs. We provide the payment rails to 120 banks and thousands of global and local businesses for their everyday operations, which means that security at scale is paramount to our business,” said Cellulant VP of Software Engineering Michael Muriuki. “New Relic Vulnerability Management has made it very easy for our engineers to gain real-time visibility into our applications at the production level and identify any vulnerabilities, assess their criticality, put them into context, and fix them at the application layer. We are able to do all of this at scale while preserving precious engineering resources and maintaining great customer experience.”

“Our digital marketplace enables thousands of creators. Like any thoughtful business, trust and security are fundamental to providing an excellent customer experience, which is why we rely on New Relic to bring our observability practice into alignment with our security practice,” said Thortful Co-founder and CTO Eric Genet. “Our engineers don’t have to look at multiple systems. They can see all of their alerts and system performance in one place, so we can get in front of potential issues well before they reach the customer.”

Key capabilities include:

  • Zero configuration visibility: Instant and actionable security information with no additional configuration that brings continuous runtime software composition analysis (SCA) for risk assessment across the stack.
  • New vulnerability testing capabilities in limited preview: Detect signatureless vulnerabilities in pre-production environments using IAST. The new capabilities leverage a patented deterministic technique to identify and provide automated vulnerability validation with proof of exploit.
  • Open third party integrations: Unified security view across the stack and software lifecycle by adding security data with New Relic’s open ecosystem using built-in quickstarts, or from any custom source using New Relic’s security APIs.
  • Automatic risk prioritization: Evaluate security risks across the software stack correlated with the service catalog.
  • Alerting on newly discovered vulnerabilities: Notifications via Slack and Webhooks when new vulnerabilities are introduced in the code base.

Vulnerability Management is now generally available to all New Relic accounts in the US region, with general availability in the EU region planned for Feb 15, 2023. It is included as part of the Data Plus bundle or the Free Tier. Users can also add it to any consumption pricing plan for $0.10/GB on top of their current data ingest price, or at the promotional pricing of an additional +$0.06/GB if they purchase by January 31.

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

Related posts

Healthcare Sector Leads Way for Fix Rate of Software Security Flaws

Business Wire

ThreatX Awarded ‘Most Innovative in Web Application Security’

Business Wire

Data Theorem CNAPP earns 2023 Cybersecurity Excellence Award

Business Wire