New Relic’s Vulnerability Management provides visibility across the entire software stack
New Relic has introduced the public preview of New Relic Vulnerability Management to empower organizations to manage their security posture and risk as a core part of their observability strategy.
This new offering helps engineering teams eliminate data and team silos that can cause security blind spots, slow mitigation times, and lower innovation velocity.
With Vulnerability Management, all native and external security data is available in a single platform to give engineers instant visibility and context-driven security analysis across the entire software stack as part of APM product, without any additional configuration.
Securing modern software systems is getting exponentially more complex as application architectures are composed of thousands of heterogeneous components, each with the potential to carry business critical security vulnerabilities that can increase the risk of IP theft, data loss, reputational damage, and more.
New Relic is one of the observability vendors to build a security product with an open ecosystem, allowing engineers to import security signals from partner security risk assessment tools alongside vulnerability detection across all application dependencies.
By using a unified data platform, organizations have the data they need to assess signals from noise to reduce risk while maintaining innovation velocity.
“It’s imperative for companies to unify their security and engineering practices to stay ahead of attacks without compromising innovation or customer experience. Observability is uniquely positioned to help security and engineering teams solve this challenge by providing complete visibility into security issues in one place,” said New Relic CEO Bill Staples.
“The organizations that get this right will be able to deliver more innovation to market, close security gaps, and better protect customer data.”, Staples continued.
“Now that most businesses run part or all of their business through applications, addressing security blind spots and slow mitigation times is essential,” said IDC Group Vice President Stephen Elliot.
“Companies that experience infrastructure and application vulnerabilities are at risk of reputational damage that is difficult to recover from. Combining security with observability enables teams to stay ahead of these issues and focus on innovation rather than problems.”, Elliot continued.
Vulnerability Management public preview includes:
- Application vulnerability analysis: View presence of CVEs (Common Vulnerabilities and Exposures) across all dependencies. Get recommendations to update libraries and deploy across 7+ languages
- Infrastructure vulnerability analysis: View cloud posture risks based on CIS (Center for Internet Security) benchmarks alongside cloud resource performance. Get recommendations for updates based on known issues.
- Integrate external security tools: Integrate data from tools such as Snyk, Lacework, Github Dependabot, AWS Security Hub and others using built-in quickstarts, or use APIs to pull in data from any custom source.
- Mitigation and collaboration workflows: Easily link vulnerabilities to specific organizations, teams, applications, or services based on context available in New Relic. Assign issues to engineers in New Relic for rapid triage.
- All-in-one platform access: Automatic access to these Vulnerability Management features for full platform users on Data Plus with no additional cost or need for contract changes.
Vulnerability Management is currently available in public preview as part of the New Relic platform—the all-in-one observability platform with a secure telemetry cloud for all telemetry metrics, events, logs, and traces, full-stack analysis tools, and predictable usage-based pricing instead of disjointed SKU bundles.