Bionic Signals will allow the platform to integrate with one or more security tools so it can ingest and contextualize the alerts and vulnerabilities that are triggered by tests and scans, according to Mamo.
Bionic ASPM can now be accessed through both the Snyk and Sonatype UIs. Bionic Signals for Sonatype IQ is generally available now, and Bionic Signals for Snyk SCA will be available in July.
“Collating results from various aspects of application security scanning into a single platform for review will be a big help to engineers on both development and security teams,” said David Chernitzky, CEO of Armour Cybersecurity. “Bionic’s integration is a step forward in that direction and we are curious to see it in action.”
Bionic adds business context to the mix
The new business risk scoring feature adds data context and rates business risk on a scale of 1 to 100, based on threat profile and severity, business criticality, and exploitability. It also groups threats into critical, high, medium and low categories so teams can understand their impact and prioritize accordingly.
“The thing usually missing from the vulnerability management process, and sometimes the hardest thing to get, is an understanding of the business context associated to any particular vulnerability,” said Story Tweedie-Yates, head of product marketing at cybersecurity company KSOC. “Bionic is trying to help teams with the question of prioritization, and the more signals they can add in to make that context more precise and accurate, the better.”
Bionic adopts an agentless deployment to continuously scan production environments so it can provide a real-time view of application security posture in production, Mamo added.