Products

Rezilion Validate

Patch less, create more, by focusing on your actual risk.

Only patch exploitable vulnerabilities

Free yourself from the burden of your backlog and get back to building

Rezilion Validate reduces patching needs by 70% or more by aggregating vulnerability scan results and automatically filtering them to focus on what’s actually loaded and exploitable.

Use Cases

Release fast, securely in CI

Fail less builds by focusing on exploitable vulnerabilities and remove security as a bottleneck to innovation.

Focus on risk Across Dev and Production

Aggregate all of your scan results and filter out vulnerabilities that don’t pose a risk for accurate reporting and efficient use of resources.

Eliminate wasted effort everywhere

Let Security and DevOps focus on your mission and customers, not on patching. Save time and budget by working efficiently.

Calculate your Vulnerability Validation savings

What will your organization gain by patching less with Rezilion Validate? Find out your savings potential today.

Calculate your Vulnerability Validation savings

What will your organization gain by patching less with Rezilion Validate? Find out your savings potential today.

How it works

Instrumentor

Scanner Plug-ins

Unison Core

Instrumentor

Scanner Plug-ins

Unison Core

Instrumentor

Scanner Plug-ins

Unison Core

Collects and sends runtime and memory data (from hosts, containers, and application interpreters) to the Rezilion Core.

Deployment options:
  • In CI – Deploy a Jenkins plugin
  • In Orchestrated container environments (like Kubernetes – deploy a .yaml file to run DaemonSet
  • In VMs/Hosts Environments – Collect runtime data using existing orchestration tools AWS SSM, Chef, Ansible, Salt (etc.)

No sensitive data is sent back to the Rezilion back-end. Collected data includes file paths, command-line arguments, hashes, and numerical representations of memory components.

Collects and sends runtime and memory data (from hosts, containers, and application interpreters) to the Rezilion Core.

Deployment options:
  • In CI – Deploy a Jenkins plugin
  • In Orchestrated container environments (like Kubernetes – deploy a .yaml file to run DaemonSet
  • In VMs/Hosts Environments – Collect runtime data using existing orchestration tools AWS SSM, Chef, Ansible, Salt (etc.)

No sensitive data is sent back to the Rezilion back-end. Collected data includes file paths, command-line arguments, hashes, and numerical representations of memory components.

Connects to commercial and open source scanners and sends the latest scan results to the Unison’s dynamic data lake (can also run locally in CI). Existing integrations include BlackDuck, JFrog (Xray), Tenable, Rapid7, Qualys, Snyk and others — new scanner integrations are being added as well, if you don’t see yours listed, ask us. 

Also, if you don’t yet have a scanner installed, Rezilion ships with open-source scanners like Trivy and OWASP Dependency-Check

Correlates Instrumentation data with the vulnerability scanners’ output using patented workload composition analysis in order to validate vulnerabilities and flag those that are unexploitable.

Validate maps identified vulnerabilities to all processes that are currently executing in the workload. Unison is constantly running, which means it updates exploitable vulnerabilities any time a change is made, or a new process runs for the first time.

  • SaaS by-default (ISO 27001 Certified).

Features

Visualize your dynamic bill of materials (DBOM)

Map and dynamically track the function, status and interactions of every piece of code in your environment.

Manage your full vulnerability backlog all in one place

Aggregate scan data from any type or number of scanning tools to accurately report on the effectiveness of your vulnerability management program.

Filter vulnerabilities to define your true attack surface

Focus your efforts on exploitable vulnerabilities and avoid patching false-positives that are not loaded into memory and therefore pose no risk.

Take smart remediation action to reduce work for all

Get automated recommendations for the most efficient paths to remediation based on aggregated and validated data, to make informed decisions and take action faster.

Eliminate tech debt and unused code

Create golden images and make every build more secure and maintainable by removing unused components, shrinking your attack surface.

Drill in to understand the details of specific vulnerabilities

Understand the assets that are impacted by each unique vulnerability to manage with both telescopic vision and microscopic precision.

Case Studies

Validated ROI

Rezilion Validate savings with a Fortune 500 Software Company

$4,344,244 in savings per year:
| 1,316
Servers in Production
| 5,014,733
Total detected vulnerabilities
| 128,858
Total hours to patch vulnerabilities
> 48%
Of vulnerabilities were not loaded
> 66,835
Hours of patching saved

Validated ROI

Rezilion Validate savings with an Internet Commerce Company

$301,809 in savings per year:
| 1,000
Servers in Production
| 247,747
Total detected vulnerabilities
| 7,070
Total hours to patch vulnerabilities
> 82%
Of vulnerabilities were not loaded
> 5,797
Hours of patching saved

Validated ROI

Rezilion Validate savings with a Global 100 Medical Product Company

$101,710 in savings per year:
| 599
Containers in Production
| 111,161
Total detected vulnerabilities
| 3,031
Total hours to patch vulnerabilities
> 77%
Of vulnerabilities were not loaded
> 2,334
Hours of patching saved

Rezilion Certify


Trust your code with Desired State Enforcement

Get Started Now

Reduce your patching by 70% or more in less than 10 minutes.
Let us show you how.

© 2021 Rezilion. All Rights Reserved.