Securing modern software systems is complex. Applications today are often composed of thousands of components, each with the potential to carry critical security vulnerabilities that can increase the risk of IP theft, data loss, monetary loss, reputational damage, and more. Mitigating security threats is no longer the sole responsibility of security teams. It is now an enterprise priority to have a security mindset across the development pipeline. 

To help address this new shared responsibility between DevOps and Security teams to work together (DevSecOps), we’re excited to announce the general availability of New Relic Vulnerability Management in the North American service region as part of the all-in-one observability platform experience. General availability in EMEA service region is planned for Feb 15, 2023.

Key capabilities of New Relic Vulnerability Management

New Relic Vulnerability Management lets you see performance and availability issues in one connected experience with:

  • Zero configuration visibility: Instant and actionable security information with continuous runtime software composition analysis (SCA) for assessment with no additional configuration.
  • Vulnerability testing (limited preview): Interactive application security testing (IAST) for Java is now available in a limited preview. With IAST, you can perform testing without making any code changes or interrupting normal business operations.
  • Open third-party integrations: Unified security view across your stack and software lifecycle with the ability to add security data through our open ecosystem of built-in quickstarts and New Relic security APIs.
  • Automatic risk prioritization: Library security risk evaluation across your software stack, which is correlated with the service catalog to help you understand your security posture.
  • Alerting on newly discovered vulnerabilities: Notifications via Slack and webhooks when new vulnerabilities are introduced in your code base.

Read on to learn more about the benefits of adding New Relic Vulnerability Management to your observability stack.

Key benefits of New Relic Vulnerability Management

Our monitoring and security solution helps you ensure that your security is integrated, observable, and actionable.

See vulnerabilities, performance metrics, and availability issues in one unified experience so you can quickly assess which issues are the most urgent and reduce risk more effectively.

Unified security view across your stack and software lifecycle

Collaboration starts with being able to use—and share—the right tools, with the right context. With New Relic Vulnerability Management, you can seamlessly integrate data with built-in quickstarts for trusted security tools like Snyk, Lacework, GitHub Dependabot, AWS Security Hub, and Aquasec Trivy. You can also use our security APIs to send security signals from any custom source for security in context across the software development lifecycle.

Seamlessly integrate data from trusted tools like Lacework.

Continuously analyze your applications for vulnerabilities

Now you can secure applications and dependencies faster and assess the potential impact of newly disclosed vulnerabilities on your organization the moment they are disclosed. Set up notifications via Slack and webhooks for when new vulnerabilities are introduced in the code base. Then use the vulnerability summary page with improved library metrics to prioritize remediation.

Evaluate security risk and address security severity across your stack and development lifecycle.

Automatically know which security risks to prioritize.

New Relic automatically correlates vulnerabilities with the New Relic entity graph to help you understand your application environment, prioritize the most critical risks, and quickly assign security issues for remediation or create personalized worklists.

Effectively evaluate vulnerabilities before they impact your business and collaborate across teams to close security risk vectors.

Leverage vulnerability testing—now in limited preview.

Along with New Relic Vulnerability Management, we are launching IAST for Java. With IAST, you can perform testing without interrupting normal business operations or having to make any code changes, making the process of identifying vulnerabilities faster and less disruptive. Contact us to request access to the vulnerability testing limited preview.

With IAST, you can identify vulnerabilities and perform testing without interrupting normal business operations.

Get started with New Relic Vulnerability Management

If you have a free account or if you are a Data Plus customer, you already have access to New Relic Vulnerability Management. No additional configuration is needed as long as you are using a supported agent.

If you have a standard account, you can enable New Relic Vulnerability Management as a single add-on for an additional $0.10/GB over your current data ingest price. If you purchase on or before Jan 31, 2023, you can take advantage of the limited promotion and lock in a 40% discount on the New Relic Vulnerability Management add-on for just an additional $0.06/GB for the remainder of your contract1.

1 Legacy & site license accounts must migrate to consumption billing for access.