ZeroNorth Introduces Advanced AppSec Risk Analytics
February 16, 2021

ZeroNorth unveiled its Advanced AppSec (Application Security) Risk Analytics.

Using vulnerability data analyzed by the ZeroNorth AppSec automation and orchestration platform, these business intelligence analytics deliver a single source of truth on the overall risk and health of an organization’s application security program.

ZeroNorth’s reporting and analytics provide high-level intelligence together with granular details on AppSec risk across the enterprise. Data can also be viewed in the context of more specific groups, such as business units and application teams. With this insight, business, security and engineering leaders can determine where to focus, prioritize and direct resources to address the highest areas of risk for the business, build out a application security program, and measure and enforce accountability.

- Assess AppSec Risk: Security leaders can, for example, get a snapshot of the top five AppSec risks, identify problematic trends in scanning, vulnerability creation and remediation, immediately see gaps in the organization’s AppSec program, or quickly isolate the weakest points in the security posture.

- Drive DevSecOps: Security and engineering leaders can use ZeroNorth platform analytics to collaborate and drive DevSecOps processes. For example, through the reports they can compare and track vulnerabilities detected and remediated throughout the software development life cycle (SDLC) or pinpoint vulnerabilities that affect multiple applications and determine the processes and work needed to fix the problem globally. ZeroNorth platform reports can also help identify any bottlenecks in the DevSecOps process that impact the engineering team’s productivity and determine if any process changes or training is required.

- Enable Effective Business Decisions: Business leaders can use ZeroNorth platform reports to manage the organization’s AppSec program, and assess the overall health and risk of revenue-generating applications and make operational business decisions accordingly.

ZeroNorth analytics track key AppSec trends, ratios and metrics at the enterprise level and the individual business unit or application team level, including:

- Vulnerability Status: Types of vulnerabilities detected, leading vulnerabilities (quantity and criticality), trends in types and number of vulnerabilities detected/remediated.

- Application Status: Applications and entities scanned (including scan types), number of vulnerabilities detected per application/entity, top riskiest applications/entities.

- Vulnerability Scanner Status: Number and criticality of vulnerability findings per specific scanner.

The ZeroNorth platform can also generate custom reports, as well as export and integrate with a customer’s business intelligence (BI) and visualization tools of choice.

“ZeroNorth’s mission is to bring security, DevOps and business teams together to improve application security performance and reduce organizational risk. To achieve this, leaders must have a comprehensive, consistent view of AppSec risk at their fingertips,” commented John Worrall, CEO, ZeroNorth. “The new ZeroNorth reporting and analytics provide contextual and actionable analytics business, security and engineering leaders need to make informed business and operational decisions that will accelerate innovation through secure software, while maintaining enterprise standards for security across the organization.”

ZeroNorth’s Advanced AppSec Risk Analytics are generally available and can be delivered in a print-ready format or via an online portal.

Share this

Industry News

February 13, 2025

LaunchDarkly announced the private preview of Warehouse Native Experimentation, its Snowflake Native App, to offer Data Warehouse Native Experimentation.

February 13, 2025

SingleStore announced the launch of SingleStore Flow, a no-code solution designed to greatly simplify data migration and Change Data Capture (CDC).

February 13, 2025

ActiveState launched its Vulnerability Management as a Service (VMaas) offering to help organizations manage open source and accelerate secure software delivery.

February 12, 2025

Genkit for Node.js is now at version 1.0 and ready for production use.

February 12, 2025

JFrog signed a strategic collaboration agreement (SCA) with Amazon Web Services (AWS).

February 12, 2025

mabl launched of two new innovations, mabl Tools for Playwright and mabl GenAI Test Creation, expanding testing capabilities beyond the bounds of traditional QA teams.

February 11, 2025

Check Point® Software Technologies Ltd. announced a strategic partnership with leading cloud security provider Wiz to address the growing challenges enterprises face securing hybrid cloud environments.

February 11, 2025

Jitterbit announced its latest AI-infused capabilities within the Harmony platform, advancing AI from low-code development to natural language processing (NLP).

February 11, 2025

Rancher Government Solutions (RGS) and Sequoia Holdings announced a strategic partnership to enhance software supply chain security, classified workload deployments, and Kubernetes management for the Department of Defense (DOD), Intelligence Community (IC), and federal civilian agencies.

February 10, 2025

Harness and Traceable have entered into a definitive merger agreement, creating an advanced AI-native DevSecOps platform.

February 10, 2025

Endor Labs announced a partnership with GitHub that makes it easier than ever for application security teams and developers to accurately identify and remediate the most serious security vulnerabilities—all without leaving GitHub.

February 07, 2025

Are you using OpenTelemetry? Are you planning to use it? Click here to take the OpenTelemetry survey.

February 06, 2025

GitHub announced a wave of new features and enhancements to GitHub Copilot to streamline coding tasks based on an organization’s specific ways of working.

February 06, 2025

Mirantis launched k0rdent, an open-source Distributed Container Management Environment (DCME) that provides a single control point for cloud native applications – on-premises, on public clouds, at the edge – on any infrastructure, anywhere.

February 06, 2025

Hitachi Vantara announced a new co-engineered solution with Cisco designed for Red Hat OpenShift, a hybrid cloud application platform powered by Kubernetes.