Miggo, Grafana Unite to Turn Observability Data into Runtime Security

TEL AVIV, Israel – March 17, 2026 – In a significant move to reshape how organizations approach cybersecurity, AI Runtime Security firm Miggo Security and observability leader Grafana Labs today announced a strategic partnership. The collaboration introduces a joint solution designed to transform existing production telemetry into evidence-based security intelligence, promising to slash the overwhelming noise from vulnerability alerts by up to 90%.

This partnership directly tackles one of the most persistent challenges in modern security: alert fatigue. As applications grow in complexity, security teams are inundated with thousands of vulnerability warnings, many of which are theoretical or irrelevant in their specific production environment. The new solution leverages Grafana Cloud's rich observability data to determine which vulnerabilities are truly exposed and represent real, exploitable risk.

“As organizations adopt AI at scale, security and observability are becoming even more complex – and even more critical,” said Ash Mahzari, VP of Corporate Development at Grafana Labs. “We selected Miggo as a strategic partner to directly address that complexity. By combining forces, we unlock deeper value from Grafana Cloud observability data, giving security teams the precise runtime insights and capabilities they need for real-time detection and mitigation without adding deployment overhead."

A New Front Against Alert Fatigue

For years, security operations centers have struggled under the weight of their own tools. Traditional scanners identify potential vulnerabilities in code and dependencies, but they lack the context of the live production environment. The result is a massive backlog of 'critical' alerts that forces engineers to spend countless hours investigating threats that may not be exploitable, while real risks get lost in the noise.

The Miggo and Grafana solution aims to end this cycle by pioneering an approach centered on execution-backed prioritization. Instead of just knowing a vulnerability exists in a library, the system uses runtime data to verify if the vulnerable piece of code is ever actually executed. By analyzing distributed traces from Grafana Tempo and continuous profiles from Grafana Pyroscope, Miggo's AI engine builds a behavioral baseline of the application.

This allows for powerful reachability and exposure validation. If a vulnerability is located in a code path that is never called or a library that is loaded but unused, it is deprioritized. This evidence-based approach is the foundation for the partnership's bold claim of a 60-90% reduction in critical vulnerability backlog noise, enabling teams to focus their limited resources on the handful of threats that truly matter.

The Convergence of Security and Observability

This partnership signifies a major milestone in the growing industry trend of 'security observability'—the convergence of security practices with the deep, contextual data provided by observability platforms. The traditional model of bolting security on as a separate, siloed function is proving inadequate for the dynamic nature of cloud-native and AI-first architectures.

The joint solution is designed to be frictionless, a key differentiator in a market crowded with agent-based tools. By building directly on the Grafana Cloud platform, customers can activate these advanced security insights without deploying new agents, duplicating instrumentation, or adding operational overhead. This not only reduces compute and storage costs but also helps break down the friction that often exists between security, development, and operations teams.

“We are proud to partner with an observability leader like Grafana Labs," said Daniel Shechter, CEO and Co-Founder of Miggo Security. "In the age of rapid AI adoption, engineering and security teams are looking for solutions to help them deliver robust security. This is a natural partnership that ties strongly to Grafana's and Miggo's new offerings. Together, we are creating a holistic approach for organizations to handle both observability and AI runtime security seamlessly.”

Grafana's Strategic Ecosystem Play

From Grafana Labs' perspective, the partnership is a strategic masterstroke that enhances the value of its open observability platform without deviating from its core mission. While competitors like Datadog have built integrated, proprietary security modules, Grafana is choosing to bolster its ecosystem by partnering with a best-in-class security specialist. This approach reinforces its commitment to providing a flexible, composable platform built around leading open-source projects.

By integrating Miggo's Application Detection and Response (ADR) capabilities, Grafana Cloud becomes more than just a tool for monitoring performance and availability; it becomes a foundational platform for holistic operational intelligence that includes security. This move directly addresses the needs of its vast user base, many of whom are grappling with securing the same complex systems they are observing.

The collaboration allows Grafana to offer a compelling security narrative: use the data you are already collecting for observability to also secure your applications. This strengthens its position against comprehensive platforms while staying true to its open ecosystem ethos, offering customers choice and deep, specialized functionality through strategic alliances.

From Telemetry to Actionable Intelligence

The technical integration provides a clear picture of the future of data-driven security. Miggo's platform ingests the trace data from Grafana Tempo to map the exact execution paths of requests as they travel across microservices. This provides definitive proof of whether a vulnerable function is reachable. Simultaneously, it analyzes continuous profiling data from Grafana Pyroscope to understand which code is actively consuming CPU cycles, offering another layer of evidence about what is running in production.

Beyond prioritization, the solution provides immediate mitigation options. Once a truly exploitable vulnerability is confirmed, customers can use virtual patching to block potential attack paths at runtime. This buys critical time for developers to deploy a permanent fix without leaving the application exposed. This full-cycle workflow—from frictionless collection to evidence-based prioritization and immediate mitigation—delivers a clear and immediate return on investment for joint customers.

The joint solution will be demonstrated live at the upcoming RSAC conference in a workshop titled, "Security Observability: Turning Production Telemetry into Real Security Decisions," offering attendees a first-hand look at how this new approach works in practice.