On Humility and DevSecOps

Rezilion is a company founded on humility. By that, we don’t mean that we’re not incredibly proud of what we’re doing, but rather that the ideology of the company comes from some humbling lessons from the past. When we founded our previous company, we thought we had next-gen security all figured out. We built an incredibly powerful heuristic solution that had a false positive rate of 1 in 500,000,000. Even though that was an exponential leap over other heuristic solutions on the market at the time, today one false alert in half a billion is too many.

That’s because modern production environments are scaling and changing at an overwhelming pace as they adopt DevOps technologies. These production environments are composed of cloud workloads running on-premises and on IaaS/PaaS, and developers working in those environments are enabled by the adoption of CI/CD, meaning they can integrate and deploy code at whatever frequency they deem productive.

However, security teams are struggling to keep up, using monitoring tools that require manual tuning and administration. The reality we’ve learned as security practitioners and have adopted as our mantra is: any process with a security analyst in the loop quickly gets overwhelmed, and any approach that creates friction for the DevOps process is rejected. To scale, security must be baked into the infrastructure’s DNA.

With this in mind, we built Rezilion to help our peers fully automate security operations in a way that appeals to both developers and security practitioners. From the ground up, our goal is to make sure all of your services and applications are in a healthy and desired state, which dramatically reduces your attack surface. And in the event of an attack or unsanctioned change, Rezilion immediately brings affected services back to a known good state, making applications and infrastructures inherently resilient to cyberattack and undesired modification.

Ours is a deterministic approach: fully automated, with no learning period required, and no false alerts generated. That’s why we say you can “run without fear” – because even if there’s a vulnerability in your code, if someone tries to exploit it, Rezilion brings the affected instance back to last known good.

Rezilion works by analyzing the code coming from your CI/CD pipeline and creating a dynamic blueprint of all connections, relationships, and dependencies. It thus knows the appropriate state for every instance in production with certainty, and verifies that all services are in an uncompromised, intended state: functioning only as they were programmed or configured to behave.

Rezilion also identifies any “glut” (unnecessary production components that represent risk, and components in production that are not utilized by any executed service) and flags any components that increase the operational attack surface. And because Rezilion fundamentally understands the provenance of every service in production, it also provides visibility into change: unsanctioned administrative changes can trigger an automatic service refresh, be challenged via 2FA or a Slack message, or be logged as an ITSM or SIEM ticket.

The lesson we learned is that cloud transformation requires a new approach to security: it must be deterministic, automatic, and scalable. Rezilion is this new approach. Gartner calls our space CWPP, cloud workload protection platforms. But we think many of the players in this space still falter when it comes to manual policy configuration and false alert generation. That’s why we think of ourselves as an autonomous cloud workload protection platform: our policies are based on your CI/CD blueprint, and when we see threats we don’t generate alerts, we mitigate them.

If this sounds interesting to you, let us know. We’d love to give you a demo.
