ZeroNorth, the industry’s first provider of risk-based vulnerability orchestration across applications and infrastructure, announced new platform capabilities that enable customers to more effectively build security into the software development life cycle (SDLC) and evaluate, prioritize and respond to risk based on business context.
These enhancements are driven by new integrations with software pipeline and enterprise security platforms, and advanced filtering and analytics capabilities.
The ZeroNorth platform enables organizations to embrace critical digital transformation initiatives, such as DevOps, the cloud and microservices, without leaving security behind.
By orchestrating the many different scanning tools organizations rely on, the ZeroNorth platform reduces the resources required to implement a comprehensive vulnerability management program. ZeroNorth also provides more complete and consistent data that enables organizations to proactively manage risk.
“As digital transformation initiatives have become a necessity for organizations of all sizes, it’s critical that security teams and developers work in lockstep to prevent the speed of development from compromising security, and the speed of security from slowing down development,” said John Worrall, chief executive officer at ZeroNorth.
“Our latest platform enhancements help to easily bring security to developers where they already live, reducing the friction often found between these teams.”
Strategic integrations enable developers
The ZeroNorth platform bridges the gap between security and development teams by integrating with the software pipeline platforms that developers use most, such as GitHub, GitLab, Azure DevOps and BitBucket. Through these integrations, the ZeroNorth platform is able to:
- Provide a security overlay to the pipeline platforms;
- Consume the security telemetry that the pipeline platforms natively produce;
- Integrate with and scan material deposited in or built by the pipelines’ source code repositories and pipelines respectively;
- Notify developers of risk and remediation advice in the pipeline platforms’ native forms.
Actionable risk intelligence empowers security
For security to drive value, the intelligence derived from these tools much be actionable. Organizations strive to act in the context of business risk, which companies struggle with on a daily basis.
To address this challenge head-on, the ZeroNorth platform now enables customers to put test and vulnerability scan data into business context through advanced tagging, filtering and analytics. By clearly aligning security intelligence with the business, security teams can more effectively prioritize remediation efforts.
Integrations strengthen overall security
The ZeroNorth platform continues to add strategic integrations with other market leaders to provide deeper insight and visibility into risk across applications and infrastructure. The new integrations include:
- Redlock: ZeroNorth is integrating with Redlock to provide customers with more complete visibility into cloud configuration and compliance to cloud policy guiding principles. This will enable organizations to better identify risk through cloud configurations and the security data the tool provides across Microsoft Azure, Google Cloud and AWS environments.
- Onapsis: ZeroNorth is integrating with Onapsis to help customers strengthen security across SAP environments. Through the integration, customers will be provided with visibility into risk that materializes from SAP platform code and, thus, take steps towards remediation.
The new enhancements further establish ZeroNorth as the leading provider of risk-based vulnerability orchestration across applications and infrastructure. The platform is pivotal for organizations that rely on software development as a competitive advantage, as it enables customers to move development efforts at the speed of the business without neglecting security.