Securing modern software systems is complex. Applications today are often composed of thousands of components, each with the potential to carry critical security vulnerabilities that can increase the risk of IP theft, data loss, monetary loss, reputational damage, and more. Mitigating security threats is no longer the sole responsibility of security teams. It is now an enterprise priority to have a security mindset across the development pipeline.
To help address this new shared responsibility between DevOps and Security teams to work together (DevSecOps), you can use New Relic Vulnerability Management. It's available in both the North American service region and EMEA as part of the all-in-one observability platform experience.
Key capabilities of New Relic Vulnerability Management
New Relic Vulnerability Management lets you see performance and availability issues in one connected experience with:
- Zero configuration visibility: Instant and actionable security information with continuous runtime software composition analysis (SCA) for assessment with no additional configuration.
- Vulnerability testing (limited preview): Interactive application security testing (IAST) for Java is now available in a limited preview. With IAST, you can perform testing without making any code changes or interrupting normal business operations.
- Open third-party integrations: Unified security view across your stack and software lifecycle with the ability to add security data through our open ecosystem of built-in quickstarts and New Relic security APIs.
- Automatic risk prioritization: Library security risk evaluation across your software stack, which is correlated with the service catalog to help you understand your security posture.
- Alerting on newly discovered vulnerabilities: Notifications via Slack and webhooks when new vulnerabilities are introduced in your code base.
Read on to learn more about the benefits of adding New Relic Vulnerability Management to your observability stack.
Key benefits of New Relic Vulnerability Management
Our monitoring and security solution helps you ensure that your security is integrated, observable, and actionable.
See vulnerabilities, performance metrics, and availability issues in one unified experience so you can quickly assess which issues are the most urgent and reduce risk more effectively.
Unified security view across your stack and software lifecycle
Collaboration starts with being able to use—and share—the right tools, with the right context. With New Relic Vulnerability Management, you can seamlessly integrate data with built-in quickstarts for trusted security tools like Snyk, Lacework, GitHub Dependabot, AWS Security Hub, and Aquasec Trivy. You can also use our security APIs to send security signals from any custom source for security in context across the software development lifecycle.
Seamlessly integrate data from trusted tools like Lacework.
Continuously analyze your applications for vulnerabilities
Now you can secure applications and dependencies faster and assess the potential impact of newly disclosed vulnerabilities on your organization the moment they are disclosed. Set up notifications via Slack and webhooks for when new vulnerabilities are introduced in the code base. Then use the vulnerability summary page with improved library metrics to prioritize remediation.
Evaluate security risk and address security severity across your stack and development lifecycle.
Automatically know which security risks to prioritize.
New Relic automatically correlates vulnerabilities with the New Relic entity graph to help you understand your application environment, prioritize the most critical risks, and quickly assign security issues for remediation or create personalized worklists.
Effectively evaluate vulnerabilities before they impact your business and collaborate across teams to close security risk vectors.
Leverage vulnerability testing—now in limited preview.
Along with New Relic Vulnerability Management, we are launching IAST for Java. With IAST, you can perform testing without interrupting normal business operations or having to make any code changes, making the process of identifying vulnerabilities faster and less disruptive. Contact us to request access to the vulnerability testing limited preview.
With IAST, you can identify vulnerabilities and perform testing without interrupting normal business operations.
Get started with New Relic Vulnerability Management
If you have a free account or if you are a Data Plus customer, you already have access to New Relic Vulnerability Management. No additional configuration is needed as long as you are using a supported agent.
If you have a standard account, you can enable New Relic Vulnerability Management as a single add-on for an additional $0.10/GB over your current data ingest price.
Next steps
Don’t have a New Relic account yet? Sign up for free today. Your free account includes 100/GB/month and one full user as well as New Relic Vulnerability Management.
To add New Relic Vulnerability Management to a standard account, go to Vulnerability Management experience in your New Relic account, select the banner, then select Upgrade now. You'll have the option to select the add-on or upgrade to Data Plus.
The views expressed on this blog are those of the author and do not necessarily reflect the views of New Relic. Any solutions offered by the author are environment-specific and not part of the commercial solutions or support offered by New Relic. Please join us exclusively at the Explorers Hub (discuss.newrelic.com) for questions and support related to this blog post. This blog may contain links to content on third-party sites. By providing such links, New Relic does not adopt, guarantee, approve or endorse the information, views or products available on such sites.
