Today, we’re pleased to announce a partnership with the industry leader in cloud security, Wiz to provide next-generation Cloud and Application Security.
The Wiz + Bionic partnership will help customers manage security and business risk that comes with two of the greatest challenges in technology: ephemeral, cloud-native services and highly dynamic, rapidly changing applications in production.
Wiz is an agentless solution that secures modern cloud environments. In addition to detecting cloud misconfigurations, Wiz detects vulnerabilities across the entire stack of cloud services, workloads, OS, processes, and containers.
Bionic does what Wiz does but focuses on the application layer. Specifically, the business logic and microservices that run inside your cloud workloads, and containers. Bionic discovers and maps all your application services, dependencies, APIs, and data flows across cloud providers, regions, and zones in production. Bionic then analyzes these attack surfaces to detect vulnerabilities, and security anti-patterns to score and prioritize risk based on what’s actually exploitable and impacts the business.
Bionic Application Security Posture Management (ASPM) helps make cloud applications secure and resilient in production.
Wiz + Bionic: Unified Next-Generation Cloud and Application Security
This partnership brings unified next-generation cloud and application security to any organization.
Both Bionic and Wiz are agentless. This means that you’ll get almost immediate visibility and value without having to deploy or manage any agents or sensors. This approach scales with you, your cloud environments, and your applications – without dedicated resources or overhead on your applications.
Our integration with Wiz delivers the following benefits:
Benefit 1: View Wiz Vulnerabilities with Application Context
Correlate the threats that Wiz finds to your application architecture so you know exactly which services and dependencies are affected.
Wiz gives you a wealth of information about security issues from the network, infrastructure, and operating system perspective. In the following example, we can see that there’s an externally exposed and unpatched VM instance in the Bionic demo environment.
Within Bionic, you can drill down to see how this same issue correlates to your applications and services. This adds critical business application context to many security issues that come from the cloud or network. You can answer with absolute certainty. “How does this issue impact my applications in production right now?”
From the Bionic map, we can see how the same security issue in Wiz translates to an application. The particular violation impacts the order_validator application service.
Benefit 2: Prioritize Wiz Vulnerabilities with Business Risk Context
Focus on the Wiz violations that create the most business risk for your organization.
Here, from the Bionic Violations screen, we see that there are 12 total Wiz violations.
One more click reveals that only 1 of those 12 violations is classified as critical.
Just one more click shows the order_validator application service in detail. You’ll see key information, including data flows, when it was last scanned, the other top violations in the application service, the tech stack that it applies to, and the factors contributing to its risk score.
Overall, order_validator is the fourth riskiest service with a risk score of 82, which translates to a “High” risk rating. In the risk score panel, you’ll see that it contains PII, the highest violation severity is critical, and there’s an internal connection that makes this violation exploitable.
Benefit 3: Automated Workflows Between Bionic and Wiz
Transition seamlessly from Bionic to Wiz for added context and frictionless, integrated workflows.
From the Bionic platform, you can open an issue in Wiz with a single click. Create a ticket in Jira with all relevant Wiz and Bionic information to help your team fix issues quickly and efficiently.
Together, Bionic and Wiz bring unparalleled context to complex, chaotic cloud environments and applications. The integration will contextualize and correlate cloud security threats down to the application and data level to show you the affected services and dependencies.
Even better, Wiz and Bionic integrate within minutes, giving you immediate access to more context.
For more information about how to secure cloud environments and applications at scale with Wiz and Bionic, visit bionic.ai/wiz or request a demo.