CIO Influence
Application Security CIO Influence News

Apiiro Launches New Partner Program, SHINE, Partnering with Security Solutions from Code to Runtime

Apiiro-Launches-New-Partner-Program,-SHINE,-Partnering-with-Security-Solutions-from-Code-to-Runtime

With SHINE, Apiiro Extends its Deep ASPM, Cementing its Open Platform Ethos

Apiiro, the leading application security posture management (ASPM) platform, has announced SHINE, its new integration program. SHINE stands for the program’s guiding principles  SeamlessHolisticInterconnected, Vendor-Neutral, and Enriched – and cements the company’s commitment to integrating across stacks, from development tools, CMDBs, security training tools, communication systems, and, most importantly, security tools from code to runtime.

Also Read: Key Takeaways from Day 1 at Qualtrics X4

Apiiro technology partners can now seamlessly integrate into its Deep ASPM platform and leverage the unique context provided by Apiiro’s Risk Graph. By enriching ingested findings with its deep code inventory and runtime context, Apiiro goes beyond shallow aggregation to:

  • Correlate, de-duplicate, and prioritize findings based on risk likelihood and impact factors garnered from Deep Code Analysis (DCA) and runtime context to reduce manual triaging work.
  • Enrich and tie risks to their root cause and code owner, reducing time spent working with developers to remediate risks and improve mean time to remediation (MTTR).

“We’ve always strived to be a 100% open platform. Now, we have the foundation and commitment to our customers and community to back that up, fostering a collaborative environment where all stakeholders in the application development process can access and utilize critical security insights,” said Moti Gindi, Chief Product Officer at Apiiro. “We’re proud to formally launch this program, ensuring that all partners can contribute to and benefit from a holistic view of application risks.”

As part of SHINE, Apiiro announces dozens of initial integrations across SAST, SCA, secrets security, container security, cloud security, bug bounty, and other security tools, doubling down on its position as a 100% open ASPM platform.

Also Read: Qualtrics X4 Kicks Off in Salt Lake City — CEO Zig Serafin Demonstrates Next-gen of Experiences

Anchor Partner Quotes

“Mend and Apiiro have a shared goal of enabling AppSec teams to reduce risk and accelerate development. Integrations like ours are non-negotiable as we continue to empower our enterprise customers with the flexibility they need when dealing with the complexity of cloud-native environments.” – Vered Shaked, EVP Corporate Development and Strategic Partnerships, Mend.io

“The JFrog Platform offers a consolidated solution for DevOps and DevSecOps, covering the full Software Supply Chain, including OSS Package Curation, SAST, SCA, Contextual Analysis, and Secret Detection. Apiiro’s integration with JFrog provides users with additional context to show a broader perspective of the security posture of a project. Our mutual customers can now avoid using point solutions and gain end-to-end visibility directly connected to the main asset of their SSC: the Binaries. Leveraging insights from Apiiro and JFrog’s comprehensive security solution automates the conversion of security findings into actionable steps, ensuring full traceability to the relevant teams involved in the organization’s SDLC.” – Gal Marder, SVP of Strategy, JFrog

“Our customers are juggling countless tools and processes to keep up with the drumbeat of cloud-native development, so enabling them with a contextual single pane of glass is a must,” said Ori Bendet from Checkmarx. “Our integration streamlines the application cyber risk and remediation lifecycle making remediation and prioritization easier for everyone. This is key in helping application security and development teams in their efforts to manage application risk and ensure compliance while supporting business growth.” – Ori Bendet, VP Product Management, Checkmarx

“By unifying findings across our customers’ security testing tools and bug bounty programs for correlation and root cause mapping, the Bugcrowd and Apiiro integration helps our customers fix risks faster. Plus, Apiiro’s application attack surface and coverage mapping enables our customers to fine-tune the scope of their bug bounty programs.” – Jacques Lopez, VP, Global Channel Sales & Strategic Alliances, Bugcrowd

Other integrations include Akamai, Black Duck, Fortify, GitHub, GitLab, Secure Code Warrior, Sonatype, Snyk, Wiz and several dozen others.

Also Read: Asure Partners with HRlogics to Empower Clients with Access to Capital through Employer Tax Credits and Hiring Incentives

What Else is New

To strengthen the formalization of SHINE and bolster the vision to unify risk visibility across tools to processes and from code to cloud, Apiiro has also introduced multiple platform enhancements:

  • Manual Security Findings Ingestion: In addition to integrating with security tools, Apiiro now ingests findings from bug bounty programs, manual threat models, and penetration tests, helping AppSec teams unify visibility across and correlate risks from all their disparate sources.
  • Container Inventory and Security Experience: Apiiro is rounding out its in-app experiences by risk category with container security, providing its customers with visibility across artifacts, connecting container images to their associated repository or code module, and more.
  • Risk Exposure Path: This visualization matches each risk from its source in code to associated containers, repositories, pipelines, and eventually, its runtime services, as powered by Apiiro’s patented Deep Code Analysis (DCA) technology and code-to-runtime matching.
  • Contextual Prioritization Funnel: Apiiro visually surfaces its contextual risk factors, such as whether a risk is in a code module that is in active development, is deployed, or is used in code (i.e. reachable), helping its customers to narrow in on real, business-critical risks.

Contextual Prioritization Funnel

By combining its open platform approach with its Deep Code Analysis (DCA) technology, Apiiro acts as a central AppSec control plane to give businesses the ability to define risk-based policies, build automated process triggers, and give developers a single interface across security tools—with all the context needed to fix fast and prevent the risks that matter. New integrations are coming soon with an industry-leading SLA of two weeks for building new vetted integrations.

[To share your insights with us as part of editorial or sponsored content, please write to sghosh@martechseries.com]

Related posts

Bracing for Impact: Manufacturers Must Prepare for Looming Cyberattacks

CIO Influence News Desk

LogRhythm Accelerates Threat Detection Capabilities with Innovations to Product Suite

Culligan Announces Launch of Cullie

Business Wire