CrowdStrike has announced it has agreed to acquire Bionic, the pioneer of Application Security Posture Management (ASPM). The combination will extend CrowdStrike’s leading Cloud Native Application Protection Platform (CNAPP) with ASPM to deliver comprehensive risk visibility and protection across the entire cloud estate, from cloud infrastructure to the applications and services running inside of them. As a result, CrowdStrike will be the first cybersecurity company to deliver complete code-to-runtime cloud security from one unified platform.
Announced at the industry’s marquee cybersecurity conference, CrowdStrike Fal.Con 2023, the signing of the deal comes on the heels of CrowdStrike’s Q2 FY24 financial results, in which the company delivered a record quarter for its fast-growing cloud security business. In addition, ending ARR as of July 31, 2023 for CrowdStrike modules deployed in the public cloud grew to $296 million, up 70 percent year-over-year – larger than almost every cloud security vendor.
“The cloud is cybersecurity’s new battleground, yet the industry’s answer to-date has been disjointed point security tools or ‘platforms’ with multiple consoles and agents,” said George Kurtz, co-founder and chief executive officer at CrowdStrike. “We are delivering what customers need: modern protection to address cloud security risk comprehensively, through one unified platform. We pioneered cybersecurity for the cloud era, and the addition of Bionic further extends our cloud security leadership on our mission of stopping breaches. Bionic shares our passion for customer-focused innovation and will make a great addition to the CrowdStrike team.”
The Battle to Stop Breaches Moves to the Cloud
According to the CrowdStrike 2023 Global Threat Report, cloud exploitations increased by 95% and the number of cloud-conscious threat actors increased more than 3x in the last year. At the same time, the growth of cloud computing, the speed of DevOps, and the increased use of no and low code development platforms has led to an explosion of applications and microservices running within cloud environments. The speed and dynamic nature of application development makes it nearly impossible for organizations to maintain a full picture of every application and their dependencies running their environment, or the microservices interacting with cloud infrastructure. This creates a massive risk profile that cloud-savvy adversaries continually look to exploit.
Bionic will extend the Falcon platform’s unique agent and agentless protection of cloud infrastructure with unprecedented visibility into application behavior and vulnerability prioritization for both server-based and serverless infrastructure, without disrupting the development process. Key capabilities of Bionic include:
- Real-time, frictionless application visibility: Discover and map all application services, databases, microservices, third-parties, APIs, and data flows across cloud service providers and both hybrid and on-premise application deployments via an agentless approach. Applications are automatically deconstructed while seamlessly integrating with CI/CD pipelines, removing the requirement for sensitive source code access.
- Instantly prioritize application-level vulnerabilities: Eliminate up to 95% of vulnerability noise and prioritize the top business-critical risks that can be exploited in production applications, so teams know what to fix first based on business impact.
- Complete visibility for serverless infrastructure: Reduce risk with vulnerability scanning for serverless infrastructure, such as Azure Functions and AWS Lambda.
CrowdStrike plans to offer Bionic ASPM as an independent offering and fully integrated as a capability of Falcon Cloud Security, part of the AI-powered CrowdStrike Falcon platform. Together, customers will gain comprehensive cloud security, spanning Cloud Workload Protection (CWP), Cloud Security Posture Management (CSPM), Cloud Infrastructure Entitlement Management (CIEM) and now ASPM.
“Bionic was founded on the core premise that when it comes to application risk, you can’t protect what you can’t see. We have built a ‘Google Maps for your Apps’, delivering a complete picture of application security risk in a truly frictionless way that does not interfere with the development process,” said Idan Ninyo, chief executive officer at Bionic. “CrowdStrike has taken the mantle as the modern cybersecurity platform of choice and the company to beat in the cloud security market. Its strength and scale as a market leader and innovator will help us dramatically accelerate the adoption of ASPM by every business and organization on the planet.”
