Rezilion— a startup transforming development, security, and operations (DevSecOps) with automation — has been selected as a launch partner for the new Amazon Inspector, an automated security assessment service used by companies to help secure their workloads running on Amazon Web Services (AWS). Rezilion can now be seamlessly enabled across AWS without requiring customers to go through the tedious task of deploying additional software agents. In addition, Rezilion will be available in AWS Marketplace for instant procurement and deployment.
Rising pressure for companies to undergo digital transformation and accelerate innovation has led to unprecedented amounts of code being shipped daily. In turn, this creates bottlenecks for security teams who lack the necessary automation tools to adequately detect, prioritize, and address the risk in fast-moving release cycles with both precision and agility.
The combination of Rezilion and Amazon Inspector answers this increasingly urgent need. This announcement empowers AWS customers with seamless access to DevSecOps tools, enabling their security teams to scan for software vulnerabilities, validate their exploitability, and prioritize remediation efforts according to the actual risk they pose. Using Rezilion, customers can understand which vulnerabilities discovered by Amazon Inspector are exploitable in the specific runtime context of their environment. Since more than 70% of vulnerabilities are not actually exploitable, focusing on the ones that pose a real threat results in:
- 70% reduction in patching efforts: saving thousands of DevOps and security teams’ hours.
- Reduction of remediation timelines from months to days: Making sure real threats are addressed in a timely manner.
- Acceleration of development timelines: Spending less time patching, DevOps teams can now focus on building.
Beyond detection and prioritization, the combination of Rezilion and Amazon Inspector provide an end-to-end solution for managing vulnerabilities:
- Actionable remediation plan: After filtering out un-exploitable vulnerabilities from one or several scanners, Rezilion aggregates findings and organizes them by software components that need to be patched and updated, distilling thousands of vulnerabilities to a handful of remediation actions.
- Advanced reporting capabilities: Showing risk trends over time across environments and applications, including metrics such as average time-to-fix and total exploitable risk.
- Full, dynamic software bill of materials (SBOM): Dynamic live mapping of all code in a software environment for holistic management and compliance, including code provenance (where it comes from), location (where it’s deployed) and status (how it’s executed).
“As more and more of our clients are embracing DevSecOps and pushing code faster than ever, we’re looking for ways to help them to stay safe in motion,” says Erik Melander, Chief Executive Officer of Astellent, a Rezilion customer and leading services and technology company helping organizations to achieve digital transformation. “For any organization facing the same challenge, the combination of Amazon Inspector and Rezilion will do exactly that.”
“We’ve completely re-imagined Amazon Inspector, making it easier than ever for customers to enable continuous and automated software vulnerability assessments across their entire organization of AWS accounts,” says Michael Fuller, Director, Product Management, AWS Security Services. “Adding Rezilion provides customers with additional context to help prioritize remediation efforts, reduce patching backlogs, and accelerate release cycles, all while improving their security and compliance.”
“Rezilion Validate is the only solution for any organization seeking to significantly reduce their patching backlog and refocus efforts on innovation. We’re delighted that AWS has recognized the value of our tools for the launch of Amazon Inspector and look forward to making them much more accessible in the AWS Marketplace,” says Liran Tancman, Chief Executive Officer and Co-Founder of Rezilion. “Vulnerability identification and risk remediation are imperative to the software development life cycle. Our work with AWS is a major milestone towards Rezilion’s aim of empowering teams to focus more on building and less on fixing, to make the SDLC more efficient for everyone it affects.”