CrowdStrike banks on application security with Bionic acquisition

Cloud security vendor hoping to deliver “the most comprehensive” view of cloud risk in a unified platform

CrowdStrike has agreed to acquire application security posture management (ASPM) firm Bionic.

The vendor is aiming to extend its cloud native application protection platform (CNAPP) with ASPM to deliver comprehensive risk visibility and protection across the entire cloud estate, from cloud infrastructure to the applications and services running inside of them.

As a result, CrowdStrike claims it will be the first cybersecurity company to deliver complete code-to-runtime cloud security from one unified platform.

Announced at the industry's marquee cybersecurity conference, CrowdStrike Fal.Con 2023, the deal comes on the heels of CrowdStrike's Q1 and Q2 FY24 financial results, which lead to big wins for the company.

"The cloud is cybersecurity's new battleground, yet the industry's answer to-date has been disjointed point security tools or ‘platforms' with multiple consoles and agents," said George Kurtz, co-founder and chief executive officer at CrowdStrike.

"We are delivering what customers need: modern protection to address cloud security risk comprehensively, through one unified platform.

"We pioneered cybersecurity for the cloud era, and the addition of Bionic further extends our cloud security leadership on our mission of stopping breaches.

"Bionic shares our passion for customer-focused innovation and will make a great addition to the CrowdStrike team."

Stopping breaches moves to the cloud

According to the CrowdStrike 2023 Global Threat Report, cloud exploitations increased by 95 per cent and the number of cloud-conscious threat actors increased more than 3 times in the last year.

At the same time, the growth of cloud computing, the speed of DevOps, and the increased use of no and low-code development platforms has led to an explosion of applications and microservices running within cloud environments.

The speed and dynamic nature of application development makes it nearly impossible for organisations to maintain a full picture of every application and their dependencies running their environment, or the microservices interacting with cloud infrastructure.

This creates an increased risk profile that cloud-savvy adversaries continually look to exploit.

Bionic is said to extend the Falcon platform's unique agent and agentless protection of cloud infrastructure with unprecedented visibility into application behaviour and vulnerability prioritisation for both server-based and serverless infrastructure, without disrupting the development process.

"Bionic was founded on the core premise that when it comes to application risk, you can't protect what you can't see. We have built a ‘Google Maps for your Apps', delivering a complete picture of application security risk in a truly frictionless way that does not interfere with the development process," said Idan Ninyo, chief executive officer at Bionic.

"CrowdStrike has taken the mantle as the modern cybersecurity platform of choice and the company to beat in the cloud security market. Its strength and scale as a market leader and innovator will help us dramatically accelerate the adoption of ASPM by every business and organization on the planet."