New Critical Risk Scoring and CyberArk integration, and seamless agentless integrations with Kubernetes and Amazon.
Bionic has been extremely busy this quarter ensuring that our customers (and future customers) have the best Application Security Posture Management (ASPM) solution. Check out what we’ve been up to.
Critical Risk Scoring
Bionic Risk Score is Bionic’s interpretation of what defines an application risk. This unique feature clearly indicates the violations that need to be mitigated first as they have the most impact on the application’s (and business’) overall risk.
Critical Risk Scoring is broken into two categories:
- Service Impact
- Service Exploitability
The impact is represented by the combination of:
- Rating: the highest severity level of un-resolved violations
- Data Sensitivity (PII/PCI/PHI) – Does this service reach or contain any sensitive data?
- Business Criticality – What is the level of criticality of this service for the organization?
Bionic’s Service Exploitability is represented by:
- Whether a Service is internet facing or not
- Whether a Service connects to 3rd party services or not
- Whether a Service connects to internal services or not
Critical Risk Scoring creates the following benefits:
- Gain visibility into an organization’s application security posture and the ability to measure it over time
- Identify and mitigate the riskiest applications and services
- Shorten violation remediation lifecycle and improve SLA by automating planning using specific rules to create tickets, using Risk Score as a filter
- Understand the correlation between architecture drift and risk
- Understand the potential impact of deploying new applications on the overall organization’s application security posture
- Identify the riskiest areas of the network such as cloud provider, region, availability zone, etc.
Kubernetes Collection & Integration
Bionic has added a new collector for a smoother and more efficient collection within your Kubernetes environment and two new capabilities in the Kubernetes integration.
The Kubernetes collector enables you to quickly collect Kubernetes information from running pods and clusters using an API collection to view services running on containers via the Bionic application (map, inventory).
Kubernetes allows you to query and even manipulate the state of API objects in your Kubernetes environment such as in Namespaces and Pods. The collector exposes an HTTP API that allows end users, various components of your cluster, and external elements to communicate with one another.
The Kubernetes collector now offers 3 types of filtering options to determine to collected data scope:
There is now a new “Group By” option in the map called Kubernetes Namespace.
Customers can now group by Kubernetes namespace in the Bionic map and filter container collection from the Kubernetes environment.
These new features allow customers to easily locate namespaces in the Bionic map and isolate the exact namespaces pod they are looking for, ensuring a clear organized structure.
Kubernetes’s namespaces provide a mechanism for locating and isolating groups of resources in a single cluster. This allows users to clearly see all services that are part of the same virtual sub-cluster (Kubernetes namespace).
A smoother and more efficient collection within your Kubernetes environment allows for you to accelerate the data collection process, improving time-to-value. This process is now more self-service, which allows your team to execute collections within a few minutes.
Automatic Role Creation via AWS CloudFormation
Bionic is introducing a new AWS Integration to simplify AWS’s onboarding process as simple as a single click.
CloudFormation creates a bucket for each region in which you upload a template file. The buckets are accessible to anyone with Amazon Simple Storage Service (Amazon S3) permissions in your AWS account. If a bucket created by CloudFormation is already present, the template is added to that bucket.
You can use CloudFormation to create the Bionic role in your AWS environment. This method will create a new role Bionic uses to integrate your AWS environment. Onboarding with Cloudformation will therefore be much more straightforward and take less time to configure.
Integrating with AWS will allow you to:
- See automatic AWS status updates in your event stream
- Get CloudWatch metrics for EC2 hosts without installing the Agent
- Tag your EC2 hosts with EC2-specific information
- See EC2 scheduled maintenance events in your stream
- Collect CloudWatch metrics and events from many other AWS products
- See CloudWatch alarms in your event stream
Bionic now supports integrating with Cyberark, a security tool used for the security of privileged accounts through password management. On-premise customers using Bionic SSH Authentication Scan Collection will be able to manage all scanned host keys and credentials via CyberArk, allowing for each key or credential to be scanned dynamically.
Integrating with Cyberark will allow you to pull the keys/credentials of your appliances for each scan dynamically.
Want to learn more about Bionic? Request a technical demo of the platform to see this all in action.