
Apiiro Lands the Largest ASPM Deal in the Market with a Fortune 10 Global Enterprise

John Leon
Vice President of Partnerships & Business Development
Geoff Akie
Regional Sales Manager
Published October 23 2024 · 4 min. read

Apiiro, working with a top-tier national cybersecurity partner with leadership and expertise in AppSec, has closed the largest application security posture management (ASPM) deal ever seen in the market. The partnership, valued at $5 million, marks a pivotal shift in enterprise security strategies, highlighting the growing recognition of ASPM as a critical component of modern risk-based application security.

Traditional, siloed manual application security testing processes and automated testing tools are no longer sufficient in today’s complex and agile development environments. Apiiro integrates application security, risk management, and development processes into a single platform. This integration automates security controls validation and assurance throughout the software lifecycle, from design through development to delivery, and eliminates the need for manual self-attestation questionnaires and security reviews.

The process establishes a new benchmark for enterprise-level application security and risk management, effectively aligning agile software practices with robust risk management strategies. It’s a unified approach that not only streamlines operations but also enhances overall application security posture, enabling organizations to design, develop, and deploy safe and secure software faster to support high business growth.

Managing Risk-Based Application Security at Scale

Apiiro’s newest customer, a household name, recognized the need for a comprehensive solution to address the complex challenges of modern application security and risk management. With more than 8,000 applications in its portfolio, the leader sought a solution that could provide deep visibility into its software architecture, automate manual processes, prevent risks with context that will not slow down developers, and significantly enhance its application security posture.

With Apiiro’s ASPM platform, the customer aims to achieve four primary business outcomes:

  1. Eliminate manual processes and automate security control validation, including portions of the time-consuming security requirements and risk assessment questionnaires that developers currently fill out manually before delivering to production.
  2. Establish and maintain a continuously updated software inventory across all changes in code repositories, ensuring deep visibility into all source control managers, repositories, developer knowledge, and software architecture components of internally built apps, as well as those acquired through M&A activity.
  3. Quickly identify and assess the risk of material changes and vulnerabilities by querying the customer’s risk graph via Apiiro Explorer.
  4. Automate risk prioritization and remediation processes to prevent risks from entering production environments, and ensure the right code owner is responsible for remediation.

Delivering Unparalleled Business Value

The implementation of Apiiro’s ASPM platform is projected to deliver substantial cost savings and efficiency gains, totaling an estimated tens of millions of dollars each year. This includes:

  • Automating questionnaires: An estimated annual savings of $500,000 by automating 33% of the work involved in manual security controls assurance and completing 4,000 questionnaires per year.
  • Discovering and tracking sensitive data in code and exposure through APIs: A projected annual savings of $540,000 by automating 90% of the work required to investigate and manage sensitive data across all applications.
  • Automatic software inventory discovery: An expected annual savings of $2,850,000 by automating 95% of the work needed to build and maintain a comprehensive software inventory across all applications and daily changes.
  • Automating risk prioritization and remediation: A potential annual savings of $1,200,000 by significantly reducing the time spent manually triaging zero-day vulnerability impacts.
  • Automating material changes prioritization: An estimated annual savings of $1,440,000 by automating 80% of the work involved in triaging risky material changes and triggering threat models and penetration testing across all applications.

Why Apiiro: Unique Technical Differentiators to ASPM

Apiiro won over multiple large vendors in a thorough evaluation process, including a technical proof of concept (PoC) and business value evaluation. In addition to agentless and seamless integration with existing source code systems, security testing tools and processes, CMDB systems, and cloud infrastructure, Apiiro provides unique advantages, and is the only ASPM platform offering:

  1. DCA (Deep Code Analysis): Apiiro’s real-time, historical analysis and material change detection automatically map the customer’s specific software architecture and track all component changes for continuous risk assessment early in the SDLC, eliminating the need for manual attestation. 
  2. Comprehensive Software Inventory: Apiiro’s graph-based software inventory provides not just a list of components but also the connections between them, as well as their associated risks and compliance considerations.
  3. Risk Graph Explorer and Policy Engine with Code-to-Runtime Context: Apiiro’s visibility-first approach enables unparalleled risk context for prioritizing design risks, vulnerabilities, architectural material changes, misconfigurations, compliance issues, and other application security alerts. It automates security controls validation and assurance based on the customer’s specific software architecture and business risk factors.
  4. Automatic Code Owner Identification: Apiiro ties risks directly to code owners and provides complete guidance for remediation without introducing breaking changes.
  5. Reduced Risk and Mean Time to Remediation (MTTR): Apiiro automates remediations, proactively triggers processes like threat models, pen-tests and contextual developer training, and enables risk-based developer guardrails to continuously empower teams to quickly and proactively address risks before delivering to production.

Industry Perspectives on ASPM: Setting a New Standard

Apiiro has forged successful partnerships with numerous enterprise leaders, including Paddle, Rakuten, and Shell, enhancing their existing security testing while consolidating and expanding security coverage. Apiiro’s risk-based approach to application security has improved efficiency and leveraged deep context from the customer’s code-to-runtime software architecture mapping to shift security left, setting a new standard for ASPM operationalization at scale. 

As organizations navigate the complexities of modern software design, development and delivery, there’s an increasingly critical demand for holistic, automated application security platforms that can identify, prioritize, remediate, manage, prevent, and measure application risk across the entire software development lifecycle. This landmark Fortune 10 deal underscores that paradigm shift, demonstrating the tangible benefits of investing in advanced application security technologies.

“The partnership exemplifies how even the largest enterprises recognize the need for a comprehensive, risk-based approach to application security,” said Geoff Akie, regional sales manager at Apiiro. “It’s a defining moment in the ASPM market, showcasing the value of deep application visibility and automated risk assessment.”

Idan Plotnik, CEO of Apiiro, added, “This deal validates our vision of unifying application risk visibility, prioritization, remediation and prevention across the entire software development and supply chain. We’re proud to deliver business value to our newest customer while securing their application design, development, and delivery through our innovative ASPM platform, which goes beyond traditional scanning to provide actionable, context-rich insights.”

Looking Ahead

For organizations looking to transform their application security posture and shift secure software design, development, and delivery faster and with greater confidence, set up a demo with our team today.
