New Relic, the all-in-one observability platform for every engineer, announced the general availability of New Relic Vulnerability Management to provide customers with security monitoring, helping engineering teams identify and triage vulnerabilities across their tech stack, all in one place, now available for purchase until the end of January at a promotional rate. This includes new Interactive Application Security Testing (IAST) capabilities, added to New Relic with the acquisition of K2 Cyber Security, that enable teams to perform vulnerability testing without having to make any code changes or interrupting normal business operations. Vulnerability Management is available out of the box and available without additional configuration.
Vulnerability Management is a natural addition to New Relic’s existing 30+ observability capabilities and aligns with its vision of eliminating data, tool, and team silos. The solution integrates New Relic’s native vulnerability signals and third party security signals into its purpose-built Telemetry Data Platform to monitor and manage all enterprise telemetry data in one place. Development, security, and operations teams can now use one connected experience to manage application security issues and avoid switching between siloed tools. All of this is available as part of New Relic’s industry leading simple and transparent consumption pricing with a promotional offer to democratize observability and security for all engineers.
Today, DevOps teams work separately from security organizations, using different assessment tools and siloed data that can result in an incomplete picture of the vulnerability surface area of the software stack. This leaves many organizations struggling to protect their applications at the source code and runtime level. For example, security teams are still dealing with a critical flaw in the popular open-source logging tool Log4j more than a year after it was announced – of which 30% of instances remained vulnerable to exploitation. These types of vulnerabilities are challenging to locate and identify in the stack and can be so widespread that they can impact mission-critical software through unknown external dependencies. Vulnerability Management solves for this by providing visibility into an organization’s entire tech stack so they can identify vulnerabilities and protect their applications at every stage of the software development lifecycle.
CIO INFLUENCE: Anglicare Leverages Ribbon and Switch Connect for Voice Consolidation and Path for Microsoft Teams Deployment
“Maintaining application security is a critical part of the overall software developer workflow.” said New Relic CEO Bill Staples. “As a leader in observability, New Relic’s data-driven approach puts us in a unique position to provide security visibility across the entire enterprise tech stack. Our customers have been rapidly adopting the new Vulnerability Management capability while in preview and we are very excited to begin general availability at a promotional price, and simultaneously introduce new Vulnerability Testing capabilities in limited preview. ”
“Over 220 million Africans rely on our platform for their payment needs. We provide the payment rails to 120 banks and thousands of global and local businesses for their everyday operations, which means that security at scale is paramount to our business,” said Cellulant VP of Software Engineering Michael Muriuki. “New Relic Vulnerability Management has made it very easy for our engineers to gain real-time visibility into our applications at the production level and identify any vulnerabilities, assess their criticality, put them into context, and fix them at the application layer. We are able to do all of this at scale while preserving precious engineering resources and maintaining great customer experience.”
CIO INFLUENCE: Datometry Releases Driver Integration for BigQuery, Further Future-Proofing Its Customers’ Investments
“Our digital marketplace enables thousands of creators. Like any thoughtful business, trust and security are fundamental to providing an excellent customer experience, which is why we rely on New Relic to bring our observability practice into alignment with our security practice,” said Thortful Co-founder and CTO Eric Genet. “Our engineers don’t have to look at multiple systems. They can see all of their alerts and system performance in one place, so we can get in front of potential issues well before they reach the customer.”
Key capabilities include:
- Zero configuration visibility: Instant and actionable security information with no additional configuration that brings continuous runtime software composition analysis (SCA) for risk assessment across the stack.
- New vulnerability testing capabilities in limited preview: Detect signatureless vulnerabilities in pre-production environments using IAST. The new capabilities leverage a patented deterministic technique to identify and provide automated vulnerability validation with proof of exploit.
- Open third party integrations: Unified security view across the stack and software lifecycle by adding security data with New Relic’s open ecosystem using built-in quickstarts, or from any custom source using New Relic’s security APIs.
- Automatic risk prioritization: Evaluate security risks across the software stack correlated with the service catalog.
- Alerting on newly discovered vulnerabilities: Notifications via Slack and Webhooks when new vulnerabilities are introduced in the code base.
CIO INFLUENCE: Ericsson presents a Green Financing Framework
[To share your insights with us, please write to sghosh@martechseries.com]