Application security posture management platform company Bionic Inc. today launched two new features to help customers understand and manage the vulnerabilities and threats to their applications more efficiently.

The first release, Bionic Signals, is designed to address the increasingly complex issue of security tool sprawl. According to Gartner, 78% of chief information security officers operate with a portfolio of 16 or more cybersecurity tools, while 12% manage 46 or more. The average security team in larger enterprises even deals with more than 76 security tools.

Bionic Signals tackles this problem by ingesting and correlating security data from a vast range of sources, enhancing the context and comprehension of vulnerabilities and threats in relation to the business and application security posture. The functionality is said to streamline the handling of the various security tools in operation and also aids in reducing the excess noise that these tools generate.

The new service integrates with platforms such as Snyk SCA and Sonatype IQ, allowing customers to utilize the power of Bionic ASPM from the Snyk and Sonatype user interfaces. The Bionic Signals feature also enriches customers’ understanding of threats by providing context from both application and cloud security tools and assesses the impact of other security tools on applications in production.

The second release, Business Risk Scoring, is designed to address a crucial need for context-rich risk assessment, prioritization and remediation in application security. Bionic argues that traditional methods struggle to deliver adequate information for risk-based prioritization, which is imperative in making informed decisions regarding security.

Bionic’s Business Risk Scoring enhances architecture maps with data context, assigning a numerical score between 1 and 100 to each threat. The score is derived from the threat’s profile and severity, the business criticality of the affected application or component, and the exploitability of the vulnerability.

The scoring includes granular and highly contextual risk assessment, with threats categorized into four severity levels: critical, high, medium and low. The classification system allows customers to comprehend the impact of threats impact on their applications rapidly.

“Most security tools today focus primarily on discovery, but without operational insights into critical exploitable business risks, all they provide is noise,” co-founder and Chief Technology Officer Eyal Mamo, said ahead of the announcement. “Our next-gen application security platform discovers and visualizes all services, and then Bionic discovers and visualizes application services, dependencies, APIs and data flows. We then detect, score and prioritize application risk so that teams can spend time fixing what needs to be fixed.”

Bionic Signals for Sonatype IQ and Bionic Business Risk Scoring are generally available today. Bionic Signals for Snyk SCA will be available in July.

Image: Bionic