CrowdStrike has announced it has agreed to acquire Bionic, a pioneer of Application Security Posture Management (ASPM). The combination will extend CrowdStrike’s leading Cloud Native Application Protection Platform (CNAPP) with ASPM to deliver comprehensive risk visibility and protection across the entire cloud estate, from cloud infrastructure to the applications and services running inside of them. As a result, CrowdStrike will be the first cybersecurity company to deliver complete code-to-runtime cloud security from one unified platform.
Announced at the industry’s marquee cybersecurity conference, CrowdStrike Fal.Con 2023, the signing of the deal comes on the heels of CrowdStrike’s Q2 FY24 financial results, in which the company delivered a record quarter for its fast-growing cloud security business. In addition, ending ARR as of July 31 2023 for CrowdStrike modules deployed in the public cloud grew to US$296 million, up 70% year-over-year – larger than almost every cloud security vendor.
“The cloud is cybersecurity’s new battleground, yet the industry’s answer to date has been disjointed point security tools or platforms with multiple consoles and agents,” said George Kurtz, Co-founder and CEO, CrowdStrike. “We are delivering what customers need: modern protection to address cloud security risk comprehensively, through one unified platform. We pioneered cybersecurity for the cloud era and the addition of Bionic further extends our cloud security leadership on our mission of stopping breaches. Bionic shares our passion for customer-focused innovation and will make a great addition to the CrowdStrike team.”
The battle to stop breaches moves to the cloud
According to the CrowdStrike 2023 Global Threat Report, cloud exploitations increased by 95% and the number of cloud-conscious threat actors increased more than 3x in the last year. At the same time, the growth of cloud computing, the speed of DevOps and the increased use of no- and low-code development platforms have led to an explosion of applications and microservices running within cloud environments.
The speed and dynamic nature of application development makes it nearly impossible for organisations to maintain a full picture of every application and their dependencies running their environment, or the microservices interacting with cloud infrastructure. This creates a massive risk profile that cloud-savvy adversaries continually look to exploit.
Bionic will extend the Falcon platform’s unique agent and agentless protection of cloud infrastructure with unprecedented visibility into application behaviour and vulnerability prioritisation for both server-based and serverless infrastructure, without disrupting the development process. Key capabilities of Bionic include:
- Real-time, frictionless application visibility: Discover and map all application services, databases, microservices, third parties, APIs and data flows across cloud service providers and both hybrid and on-premise application deployments via an agentless approach. Applications are automatically deconstructed while seamlessly integrating with CI/CD pipelines, removing the requirement for sensitive source code access.
- Instantly prioritise application-level vulnerabilities: Eliminate up to 95% of vulnerability noise and prioritise the top business-critical risks that can be exploited in production applications, so teams know what to fix first based on business impact.
- Complete visibility for serverless infrastructure: Reduce risk with vulnerability scanning for serverless infrastructure, such as Azure Functions and AWS Lambda.