Rezilion announced today the full availability of its new, automated vulnerability management solution to identify, prioritize, and remediate vulnerable software.
In a software-driven world, the software attack surface is changing rapidly. But as security, development, and infrastructure teams seek to secure their software and deliver it to customers quickly, traditional software vulnerability management solutions can’t keep pace. Teams can see only portions of the software attack surface at one moment in time. The massive volume of vulnerability alerts is noisy and confusing and does not allow security teams to address risk on time. Too much patching takes too much time, but too little patching means patching backlogs grow. Together these factors slow down innovation and widen the window of risk from exploitation by bad actors.
Thus, in the absence of having enough time to both build and secure, teams find themselves in a constant battle between competition and threat.
“Being able to detect and remediate vulnerabilities is a challenge that either results in slower innovation or less security,” said a Frost & Sullivan analyst in a recent report on End-to-End Software Attack Surface Management. “Either time spent on ensuring security draws from time spent on innovating, or security suffers as a large number of vulnerabilities remain unaddressed in the pursuit of innovation. Organizations require a software attack surface management approach that considers the many disparate sources of code and actively patches as required.”
Find Your True Attack Surface, Patch Only What Matters, Automatically
With the array of new features introduced today, Rezilion’s platform now uniquely solves these challenges by applying automation at all of the critical stages in the software security workflow, providing security teams with full-stack assurance and giving developers time back to build. These new features include:
- Deep Vulnerability Validation
  - “Next Generation Vulnerability Database” (NGVDB) – a proprietary database of thousands of vulnerabilities that were pinpointed to the class/function level, which empowers understanding of not only whether or not a vulnerable file is loaded to memory, but whether the specific vulnerable class or function is actually executed.
  - Will ultimately allow customers to de-prioritize close to 95% of detected software vulnerabilities and further reduce their patching backlogs.
- CI Integrations
  - Further integrating Rezilion directly into development pipelines, providing customers immediate feedback and saving them time on patching vulnerabilities.
- Remediation Workflow Integrations
  - Facilitating automated ticketing with tools such as Jira and ServiceNow.
- Automated Remediation
  - A fully automated remediation capability will work in CI pipelines and will automatically upgrade and test the vulnerable packages that were found to be exploitable.
Powered by continuous runtime analysis, Rezilion’s platform detects vulnerable software components on both infrastructure and application layers and determines their exploitability, filtering out 85% of vulnerabilities that require no patching. Backed by new features and capabilities, Rezilion can now automatically mitigate exploitable vulnerabilities across the Software Development Life Cycle (SDLC), reducing vulnerability backlogs from months to hours, while giving DevOps teams time back to build.
“The enhancements we’re rolling out today are not only a revolution for our platform, but are a sign of a more fundamental shift in how our industry is thinking about software attack surface management, as a whole,” says Liran Tancman, CEO and Co-Founder of Rezilion. “For too long, companies have had to compromise between the speed and security of their software products, a challenge ultimately caused by a vulnerability management toolset that cannot work as broadly, accurately, or immediately as their business requires. With Rezilion’s new platform, we are challenging this standard with a new way of working without silos and bottlenecks. We see this as the future of vulnerability management, and we’re thrilled to lead the way forward with this next generation of the Rezilion platform.”
Get Started Today
Rezilion’s full platform is available now, free for 30 days, with a dynamic Software Bill of Materials (SBOM) in CI.
The company also announced it will host a major activation at the upcoming Black Hat cybersecurity conference, at Mandalay Bay in Las Vegas, August 10-11, 2022. Visit Rezilion at booth 2408 for live demos on the hour, prizes, giveaways, and more. For more information or to book a live, hands-on demo at the show,