DevSecOps automation tools startup Rezilion Inc. today announced the full availability of its new, automated vulnerability management solution.
Designed to identify, prioritize and remediate vulnerable software, Rezilion’s new management solution is pitched as uniquely solving challenges in the software attack surface by applying automation at all critical stages in the software security workflow, providing security teams with full-stack assurance and giving developers time back to build more products.
Rezilion argues that as the software attack surface rapidly changes, security, development and infrastructure teams seeking to secure their software cannot keep pace. Difficulties include teams only seeing portions of the software attack surface at one moment in time, combined with a massive amount of vulnerability alerts that are noisy and confusing.
The quandary facing teams is that too much patching takes time, but too little patching means patching backlogs grow. These factors slow innovation and open the window of risk from exploitation by bad actors. That’s where Rezilion’s new automated vulnerability management solution steps in.
Features include deep vulnerability validation through a “Next Generation Vulnerability Database” of thousands of vulnerabilities that are pinpointed to the class and function level, empowering understanding of whether or not a vulnerable file is loaded to memory and whether the specific vulnerable class or function is actually executed. The feature is said to allow customers to de-prioritize close to 95% of detected software vulnerabilities and further reduce their patching backlogs.
Support for continuous integration in the release meshes Rezilion directly into development pipelines, providing customers immediate feedback and saving them time on patching vulnerabilities. Remediation workflow integrations facilitate automated ticketing with tools including Jira and ServiceNow, and the service’s fully automated remediation capability will work in CI Pipelines to provide automatic upgrading and testing of vulnerable packages that are found to be exploitable.
“The enhancements we’re rolling out today are not only a revolution for our platform, but are a sign of a more fundamental shift in how our industry is thinking about software attack surface management, as a whole,” Liran Tancman, co-founder and chief executive of Rezilion, said in a statement. “For too long, companies have had to compromise between the speed and security of their software products, a challenge ultimately caused by a vulnerability management toolset that cannot work as broadly, accurately, or immediately as their business requires.”
Rezilion was last in the news in September when it raised $30 million in new funding to scale up its operations and expand its products. JVP and Kindred Capital led the round.