Cycode Introduces Complete Approach to Application Security Posture Management (ASPM)
SAN FRANCISCO, Nov. 14, 2023
Cycode, the leader in Application Security Posture Management (ASPM), today unveiled ConnectorX, an open, click and connect ASPM connector capability that features inaugural support for Wiz and Black Duck, in addition to more than 40 existing SDLC integrations. This comes along with significant enhancements to its Risk Intelligence Graph (RIG) for smarter, risk-based prioritization. With this launch, Cycode delivers the capabilities needed for a complete approach to ASPM, enabling security and development teams to align, build trust and collaborate on maintaining strong application security posture.
“Today, many organizations face hefty application security backlogs packed with mis-prioritized security findings and inadequate resources to address them while the application attack surface continues to expand,” said Jim Mercer, Research Vice President of DevOps and DevSecOps at IDC. “These organizations can improve visibility and agility across application security and the pipelines supporting those applications by using solutions such as the Cycode ASPM platform, which takes a multidimensional approach tracking the risk posture of the application.”
These challenges have led to conflicts between security and development teams, creating what Cycode coined “AppSec Chaos” — ultimately eroding trust between the two groups. Cycode prides itself in introducing a new philosophy that fosters improved collaboration between security and development teams, transforming Developer Security into a team sport.
Some key enhancements to Cycode’s complete ASPM include:
- ConnectorX – Cycode’s click and connect 3rd party ASPM integration platform that provides companies with the choice to use Cycode’s native ASPM tools or maximize their investments in their existing AppSec tools. Using ConnectorX, companies can plug in any AppSec solution (i.e. SCA, SAST, Secrets, etc.) and within minutes, gain accurate, real-time visibility into their security posture.
- Risk Intelligence Graph (RIG) – Leveraged by Cycode’s native security solutions and ConnectorX, the RIG is its ASPM engine that provides complete code to cloud traceability and automates vulnerability discovery, prioritization and remediation. This release includes enhancements to the RIG’s risk scoring capabilities, a core component of its prioritization engine that bolsters its ability to hone in on the 1% of critical vulnerabilities that matter most to the enterprise. Additional detail about the RIG’s enhancements and rich feature set can be found here.
- Consolidation is now possible – With the Cycode Complete ASPM, companies can use Cycode’s native scanning solutions like (SAST, SCA, IaC, Secrets, CI/CD, etc.) or decide to continue using their existing solutions. Now, managing the burden, cost, inefficiencies and choices from developers of having too many siloed (and vendor-locked) security tools from code to cloud can be behind us.
“We believe developer security is a team sport not just between security and development teams, but industry-wide,” said Lior Levy, Co-founder and CEO, Cycode. “This belief fuels our R&D efforts and was core to our decision to create ConnectorX, which ensures companies can finally have the visibility always needed in a single platform.”
As a Cycode customer, theScore uses one platform dedicated to developer security now that a complete approach to ASPM is possible.
“In security, scanning data is important, but it’s more than that. It’s the data collection. It’s the correlation. It’s being smart with the data to understand the full picture of your risk, to understand what alerts to focus on first,” said Jamie Sadler, Head of Application Security at theScore. “Cycode was the only platform that was being smart with their data.”
All enhancements and additional information on Cycode’s complete approach to ASPM can be found here.
Cycode is the leading Application Security Posture Management (ASPM) providing Peace of Mind. Its complete ASPM platform scales and standardizes developer security without slowing down the business. With Cycode’s complete ASPM, security teams can eliminate context switching, amplify visibility, prioritize and eliminate risk to ensure end-to-end code to cloud coverage, leaving no room for attacks to go unnoticed. Cycode’s Risk Intelligence Graph (RIG) provides unmatched visualization, deep code context and risk scoring across the entire SDLC. Backed by tier-one investors Insight Partners and YL Ventures, the series-B company has raised $80M and boasts a number of the top global Fortune 100 customers in the world that are gaining immediate value.
Book a demo of Cycode’s ASPM platform here.
Montner Tech PR