What the Bionic Acquisition Can Bring to CrowdStrike

CrowdStrike's acquisition of Bionic last month is an example of how the company is strengthening its cloud security offerings.

Omdia senior principal analyst Rik Turner believes Bionic will lift CrowdStrike, best known as a leading extended detection and response (XDR), into a significant player in reactive cloud security.

"This deal not only takes CrowdStrike into the world of AppSec but also the proactive side of the security market," Turner wrote in a research note.

The acquisition combines cloud native application protection platform (CNAPP) and application security posture management (ASPM) capabilities to CrowdStrike's Falcon platform. The company plans to combine its Falcon Horizon Cloud Security Posture Management (CSPM) and Falcon Cloud Workload Protection (CWP) modules with Bionic's technology in a unified dashboard to give DevOps teams the ability to prioritize cloud security incidents, mitigate runtime threats, and provide threat hunting, CrowdStrike said.

Bionic said its ASPM features proactively discovers security, data privacy, and operational risks by continuously scanning and analyzing an organization's application architecture and software dependencies to uncover any anomalies. Notably, it provides views into the security posture of applications in production.

At CrowdStrike's Fal.Con user event last month, CrowdStrike president Mike Sentonas demonstrated how Bionic can expand CrowdStrike's cloud security portfolio to include cloud infrastructure entitlement management (CIEM) capabilities. Bionic provides visibility into Amazon Web Services and Microsoft Azure applications and the third-party services they communicate with, Sentonas said.

Developers update microservices and serverless functions daily through their CI/CD pipelines. Sentonas showed how Bionic mapped 102 application services, presented their dependencies, and identified how they communicate with each other.

"You can drill into each cloud and see what business applications are running," he said.

Proactive security consists of tools that can identify and remediate vulnerabilities, excessive access permissions, and misconfigurations before threat actors discover and exploit them, according to Omdia’s Turner.

"It is an approach that complements rather than replaces reactive security, effectively reducing the attack surface that reactive platforms such as XDR and the SIEM/SOAR continuum must address," Turner said.

Many CrowdStrike customers attending the Fal.Con were familiar with Bionic, and some said they intend to evaluate it.

"I’ve looked at Bionic in the past, and they have really good runtime application security technology in the context of the infrastructure," said Prabhath Karanth, global head of security and Trust at Navan (formerly TripActions). "It sounds like they want to approach the problem from a runtime perspective and address the problem of running your applications and containers and all of that in production. Because in a distributed microservices architecture, where your application is sitting in a containerized environment, this container runtime security becomes critical. I'd like to know more. It was just announced. But I think it's a very strategic acquisition."

Bionic gives organizations a comprehensive view of the risks associated with everything running in the cloud — the applications, the microservices, and everything connected to it — which really represents risk, CrowdStrike founder and CEO George Kurtz said during the opening keynote at Fal.Con.

"The beauty and the magic of this technology is that you don't need source code or you don't have to plug in the libraries," Kurtz said.