Application security posture management (ASPM) company Bionic has added two new capabilities \u2014 Bionic Signals and Bionic Business Risk Scoring \u2014 to its namesake cybersecurity platform to help its customers detect, prioritize and remediate vulnerabilities and threats in their applications.\n\nThe idea is to collate signals from multiple threat intelligence platforms and add business context to identify critical risks in customer applications and help prioritize them based on the level of risks involved.\n\n\u201cThe surge in applications and shift to continuous delivery are introducing new attack surfaces and attack vectors at an unimaginable rate,\u201d said Eyal Mamo, co-founder and chief technology officer at Bionic. \u201cOur next-gen application security platform detects, scores, and prioritizes application risk so that teams can spend time fixing what needs to be fixed.\u201d\n\nThe new capabilities are available to users at launch as part of their existing subscription. Bionic licenses are priced by the number of unique services used across customer environments.\n\nBionic Signals delivers consolidated intelligence\n\nEarlier this year, Bionic announced its first signal integration, with cloud security posture management (CSPM) provider Wiz, in a bid to unify cloud application security. To further its signal integrations, the company has onboarded new partners including Snyk, which develops code-security applications, and Sonatype, which sells software supply chain management software.\n\n\u201cAppSec and developers have too many disparate siloed security tools across their CI\/CD pipelines that create thousands of alerts, vulnerabilities, and false positives,\u201d Mamo said. \u201cThis creates developer TOIL (manual triage) and prevents developers from rapidly fixing the most critical security bugs before a production release.\u201d\n\nBionic Signals will allow the platform to integrate with one or more security tools so it can ingest and contextualize the alerts and vulnerabilities that are triggered by tests and scans, according to Mamo.\n\nBionic ASPM can now be accessed through both the Snyk and Sonatype UIs. Bionic Signals for Sonatype IQ is generally available now, and Bionic Signals for Snyk SCA will be available in July.\n\n\u201cCollating results from various aspects of application security scanning into a single platform for review will be a big help to engineers on both development and security teams,\u201d said David Chernitzky, CEO of Armour Cybersecurity. \u201cBionic\u2019s integration is a step forward in that direction and we are curious to see it in action.\u201d\n\nBionic adds business context to the mix\n\nThe new business risk scoring adds data context and scores business risk, on a scale of 1 to 100, based on threat profile and severity, business criticality, and exploitability. It further groups the threats into critical, high, medium and low categories to understand threat impacts and prioritize accordingly.\n\n\u201cThe thing usually missing from the vulnerability management process, and sometimes the hardest thing to get, is an understanding of the business context associated to any particular vulnerability,\u201d said Story Tweedie-Yates, head of product marketing at cybersecurity company KSOC. \u201cBionic is trying to help teams with the question of prioritization, and the more signals they can add in to make that context more precise and accurate, the better.\u201d\n\nBionic adopts an agentless deployment to continuously scan production environments so it can provide a real-time view of application security posture in production, Mamo added.