Today, we’re pleased to announce that we’re being acquired by cybersecurity leader CrowdStrike to amplify and extend their cloud security capabilities to the application layer.
Together, CrowdStrike and Bionic will help customers manage security and business risk that comes with two of the greatest challenges in technology: ephemeral, cloud-native services and highly dynamic, rapidly changing applications in production.
As the first big step in this partnership, we’re also unveiling a new direct signal integration between Bionic and CrowdStrike.
CrowdStrike’s Falcon Cloud Security platform is an industry-leading solution that stops breaches using the world’s only unified agent and agentless approach to cloud security. With Falcon Cloud Security, CrowdStrike extends security from endpoint to cloud.
Bionic Application Security Posture Management (ASPM) enriches Falcon Cloud Security, making cloud applications secure and resilient in production. It all starts with visibility. Specifically, Bionic provides visibility into the business logic and microservices that run inside your cloud applications, workloads, and containers. Bionic discovers and maps all application services, dependencies, APIs, and data flows across cloud providers, regions, and zones in production.
Bionic then analyzes these attack surfaces to detect vulnerabilities and security anti-patterns to score and prioritize risk based on what’s actually exploitable and impacts the business.
CrowdStrike & Bionic: Secure from Endpoint to Cloud to Application
This partnership brings complete cloud and application visibility to help secure any cloud-forward organization.
With Bionic and CrowdStrike, you will get immediate visibility into the cloud and app-level risks in production. This approach scales with you, your cloud environments, and your applications – without dedicated resources on your applications.
Our integration with CrowdStrike delivers the following benefits:
Benefit 1: View CrowdStrike Vulnerabilities with Application Context
Correlate the threats, Indicators of Attack (IOA), and Indicators of Misconfiguration (IOM) CrowdStrike finds to your application architecture so you know which services and dependencies are affected.
CrowdStrike gives you a wealth of information about security issues from the network, infrastructure, and operating system perspective. The following example shows a confidential access vulnerability that goes against NIST, SOC2, and PCI regulations.
Within Bionic, you can determine how this issue correlates to your applications and services. This adds critical business application context to many security issues from the cloud or network. You can answer with absolute certainty. “How does this issue impact my applications in production right now?”
The Bionic map shows how the same security issue in CrowdStrike translates to an application. The particular violation impacts the customer_profile application service.
Benefit 2: Prioritize CrowdStrike Vulnerabilities with Business Risk Context
Focus on the CrowdStrike violations that create the most business risk within your organization’s application environment.
Here on the Bionic violations screen, we see 105 total violations from the CrowdStrike Security Signal. Only 16 violations are critical.
A single click reveals the details of a specific violation. Below, you’ll see the side panel details of a violation concerning an EC2 instance that allows global public internet access.
The side panel provides a full description of details of CrowdStrike IOM/IOA and policies, risk severity (as calculated by Bionic), affected application services, sensitive data, exploitability factors, as well as technology and deployment details.
The EC2 instance with global public internet access violation, seen above, has a Critical severity rating and it affects the delivery_scheduling application service.
Here’s the data flow view of the affected delivery_scheduling service, with Bionic Business Risk Scoring details. The service has a Business Risk Score of 86. There’s one High violation in Compliance and two Critical violations in Cloudstrike Cloud Security. There’s no sensitive data, but connections to the internet, third parties, and internal services exist.
Benefit 3: Automated Workflows Between Bionic and CrowdStrike
Transition seamlessly from Bionic to CrowdStrike for added context and frictionless, integrated workflows.
There are now direct links to CrowdStrike from multiple places in Bionic, including the map and violations detail panels.
Here’s a view of the violation from the CrowdStrike Platform.
You can open an issue in CrowdStrike from the Bionic platform with a single click. Create a ticket in Jira with all relevant CrowdStrike and Bionic information to help your team fix issues quickly and efficiently.
Bionic and CrowdStrike bring unparalleled context to complex, chaotic cloud environments and applications. The integration will contextualize and correlate cloud security threats to the application and data level to show you the affected services and dependencies.
CrowdStrike and Bionic integrate within minutes, giving you immediate access to more context.
For more information on the acquisition and the vision for CrowdStrike Cloud Security with the integration of Bionic, visit CrowdStrike.