Stephen Burton

All Stories by Stephen Burton

  • What Is Risk? Let’s be frank. Risk represents the possibility of loss. In business terms, loss is in the form of cash, customers, partners, revenue, IP, corporate data, and brand loyalty. Global Risk & Compliance (GRC) teams calculate, manage, and mitigate the possibility of loss across the business (and IT). So, what’s the role of […]

  • Every security startup needs a superhero. Snyk created the Dobermann. At Bionic, we created a badass bulldog. Here’s the story… He was just an ordinary bulldog from a small town in England, owned by a bad actor. Then one day, his owner left the back door open, and Billy escaped! Billy was vulnerable and became […]

  • The job of every security professional is to decipher buzzwords created by analysts and vendors. ASOC and ASPM are the latest, which are increasingly relevant in 2023 as applications become cloud-native (more distributed tech) and incorporate CI/CD (loads of f***king changes). In this post, I shall try to explain what ASOC and ASPM are, why […]

  • Bionic allows teams to detect and manage application drift in real-time. Drift in this context doesn’t relate to infrastructure as drift rarely occurs with infrastructure-as-code in ephemeral environments. Bionic allows teams to quickly baseline and lock in their application architectures, so they have drift policies that can notify them in real-time should an architecture change. […]

  • Continuous Delivery (CD) and Infrastructure as Code (IaC) mean apps, clusters, and environments are constantly changing in your business. Drift occurs when an app, microservice, or infrastructure ‘drifts’ out of its intended configuration or approved operating boundaries. In short, drift is difficult to detect and introduces risk which isn’t seen or managed until something serious […]

  • Bionic provides teams with a real-time living architecture map of their applications, showing all services, APIs, libraries, dependencies, and data flows. You can think of it as a visual software bill of materials or an SBOM, as it’s called. This is particularly useful for understanding black box applications, accelerating cloud migrations, or even refactoring monolithic […]

  • Bionic can help teams automate threat modeling and security reviews. We use an agentless approach to scan and reverse engineer your applications in any environment. The output is a real-time living architecture map that is code-level accurate. You can now threat model or review security based on what actually exists in your application versus estimating […]

  • Bionic helps teams rapidly understand which applications and services are accessing PII, PCI, and other sensitive data sources. Visualize with Business Context: For example, below we can see six business applications that Bionic has discovered along with 68 unique services, which are mapped showing their dependencies to databases. In seconds, we can filter this map to […]

  • Think of Personal Identifiable Information (PII) as gold that companies store about their customers. Gold must be kept in a safe place at all times, with restricted access, effective governance, and auditing to secure it. However, we live in a world today where everything is code. Meaning more things touch corporate gold than ever before. […]

  • As engineering teams accelerate and scale their cloud and CI/CD initiatives, the rate of change in production (and the business) starts to increase dramatically. Continuously delivering small incremental code changes is proven to lower the risk of production incidents and downtime. In addition, tools like DataDog, Splunk, Dynatrace, and New Relic can detect application performance […]
