St. Charles, MO, USA
May 25, 2023   |  By Rezilion
Let’s talk about operational risk and security risk. In the dynamic world of software development, a persistent tension exists between developers and security professionals when it comes to managing operational risk and security risk. Developers prioritize avoiding code disruptions, leading them to implement measures like version locking and reluctance to patch.
May 23, 2023   |  By Esther Shein
Software supply chain attacks are increasingly gaining attention. Why? Software developers today have grown increasingly reliant on vendors, suppliers, and partners, so the software supply chain has become a key factor in the ability to build new enterprise apps. This means more partners are touching sensitive data than ever before, and attackers have taken notice. More open-source components are being used and consequently, vulnerabilities are slipping in through the software supply chain.
May 22, 2023   |  By Rezilion
As Head of Product at Rezilion, I am excited to share some of the new features and enhancements we have added to the platform in the first few months of 2023. With these new features, you’ll be able to effectively manage your supply chain risks with more visibility, accuracy, and convenient automation than ever before.
May 18, 2023   |  By Rezilion
Without effective and reliable software, virtually every aspect of an organization’s operations can grind to a halt. And a vulnerability that impacts even one component of a software application can expose many organizations to risk. Software vulnerabilities are emerging all the time, so one of the biggest challenges in defending against software flaws is the fact that there are so many of them.
May 17, 2023   |  By Rezilion
Rezilion announces that its Dynamic Software Bill of Materials (SBOM) solution has been recognized as a finalist in the Best Emerging Technology category for the SC Media 2023 Awards.
May 16, 2023   |  By Rezilion
In this blog post, we detail PaperCut Vulnerability CVE-2023-27350. On March 8th, PaperCut released new versions that contained security updates and addressed two recently discovered CVEs – CVE-2023-27351 and CVE-2023-27350. Today, we will focus on CVE-2023-27350, which was reported by the Zero Day Initiative (ZDI-23-233). This vulnerability is a critical remote code execution flaw with a severity score of 9.8.
May 9, 2023   |  By Rezilion
Protecting the software supply chain is now a major organizational priority. Two weapons in the arsenal to help protect against data breaches and digital attacks are software supply chain security and software composition analysis (SCA). Here’s a look at Software Supply Chain Security vs SCA. The world today runs on software and ensuring it is reliable and secure can be a dicey proposition.
May 4, 2023   |  By Rezilion
With all the cybersecurity benefits an SBOM offers, it’s a wonder they weren’t used in the software development life cycle long ago. Today, the need for SBOMs has grown more urgent because open source has become a core part of modern software development. At least one report finds that 75% of all codebases audited were composed of open-source components with known security vulnerabilities.
May 1, 2023   |  By Rezilion
On Apr 24, 2023 Naveen Sunkavally, Chief Architect at, announced the discovery of a new vulnerability, CVE-2023-27524, in Apache Superset and wrote comprehensively about the whole process. The vulnerability was caused by an insecure default configuration in the application. This is not the first time this type of vulnerability has been found in similar applications.
Apr 27, 2023   |  By Rezilion
There are several noteworthy software supply chain attack examples that we can learn from. Why is this important? Attacks on software supply chains can be incredibly harmful as they specifically target organizations through their third-party vendors or software, hardware, or service providers at any point in the development process. The intention behind these attacks is to gain entry, carry out espionage, and enable acts of sabotage.
Sep 27, 2022   |  By Rezilion
Azure DevOps is Microsoft’s Software as a Service (SaaS) platform providing developers a comprehensive DevOps platform to develop and deploy software. By integrating directly with Azure DevOps, Rezilion’s platform first helps customers discover all software components in their environment, then, using granular run-time validation, helps them prioritize vulnerabilities that are exploitable and eliminate what isn’t relevant. This allows developers to focus on what matters most and remediate strategically.
Sep 7, 2022   |  By Rezilion
View this video to learn more about Rezilion and CircleCI's integration and see it in action.
Aug 3, 2022   |  By Rezilion
Take a deep dive into Rezilion's open source tool, MI-X or Am I Exploitable. Learn what the tool is, what makes it unique, and watch a demo that shows the tool detecting Log4Shell.
Aug 1, 2022   |  By Rezilion
Get an in-depth look at Rezilion's Attack Surface Management Platform and how it can reduce your attack surface as well as help manage vulnerabilities.
Jul 13, 2022   |  By Rezilion
View a demonstration of Rezilion's integration with GitLab to see how you can reduce patching efforts by 85% so you can code more, release faster, and patch less.
Jul 12, 2022   |  By Rezilion

#vulnerabilitymanagement #vulnerabilities #devsecops #devops #sbom #dynamicsbom

Jul 11, 2022   |  By Rezilion
Learn how you can fix security issues quickly and easily using Rezilion's auto-remediation feature in CI.
Jul 11, 2022   |  By Rezilion
Use Rezilion's Dynamic SBOM to create a continuous inventory of all of your software components, map any recognized vulnerability to these components, assess, and share your attack surface.
Jun 23, 2022   |  By Rezilion
View this on-demand webinar and learn.
Jun 23, 2022   |  By Rezilion
The recently discovered flaw in Apache’s Log4j software continues to stress security teams and put many organizations at risk. Because Log4j is very difficult to detect, many scanners may not detect it. Rezilion researchers conducted a survey using multiple open source and commercial scanning tools and assessed the tools against a dataset of packaged Java files where Log4j was nested and packaged in various formats. While no scanner was able to detect Log4j in all formats initially, several scanner makers were quick to respond and update their technology to find the bug.

Rezilion’s autonomous cloud workload protection platform instantly shrinks your attack surface while enabling developers to push code freely.

Rezilion is a stealth-mode cyber-security start-up created by successful serial entrepreneurs. Rezilion develops cutting-edge technology that makes cloud environments self-protecting and resilient to cyber-attacks.

Security at Cloud Speed and Scale:

  • Dynamic Whitelisting & Application Control: By statically analyzing CI/CD pipeline artifacts (code repositories, VM and container image repositories, etc.), Rezilion determines the correct state for every production instance and assures that each is behaving exactly as programmed.
  • Hardening & Vulnerability Management: Vulnerabilities, known and unknown, are part of the DevOps life. Unfortunately, they can’t be fixed all at once. Rezilion makes living with vulnerabilities manageable by reducing the vulnerable attack surface — as well as the tension between DevOps and Security teams.
  • Exploit Prevention & Memory Protection: Rezilion continuously assesses the integrity of hosts, virtual machines, and containers; providing broad protection against attacks, without the overhead and complexity of legacy solutions.
  • Change Control & Access Management: Immutability is a shared goal for developers, IT, and security. However, few production environments are completely immutable. Rezilion helps control and document any manual change that bypasses the CI/CD pipeline.

Effortlessly reduce your attack surface.