Parasoft announces the opening of its new office in Northeast Ohio.
Checkmarx announces new integrations designed to speed application security operations within ServiceNow DevOps.
Both the cloud-native Checkmarx One AppSec platform and Checkmarx SAST plugins are immediately available in the ServiceNow Store and effectively streamline application security for developers within the DevOps toolchain, significantly reducing the risk of delivering cloud-native enterprise applications.
“Checkmarx is committed to simplifying and streamlining effective application security for today’s developers whose time-to-delivery deadlines seem tighter every quarter,” said Ori Bendet, VP of Product Management at Checkmarx. “These Checkmarx integrations with ServiceNow DevOps can not only dramatically mitigate the risk inherent in cloud-native enterprise applications, but also empower developers and build trust between them and their security teams. Ease of use and more secure applications lead to greater success for the modern enterprise.”
The Checkmarx One and Checkmarx SAST Plugins for ServiceNow DevOps will enable users with the DevOps Change Velocity license to:
- View integration of Checkmarx scans within the ServiceNow DevOps toolchain
- Associate ServiceNow DevOps orchestration tools such as Azure DevOps, GitHub Actions or Jenkins directly to Checkmarx scans to be run on the pipelines
- View security scan results run during the DevOps pipeline within the ServiceNow pipeline execution report
- Automate approval based on Checkmarx security scan results by enabling the change acceleration feature of DevOps Change Velocity, change-approval flows and policies
Industry News
Postman released v11, a significant update that speeds up development by reducing collaboration friction on APIs.
Sysdig announced the launch of the company’s Runtime Insights Partner Ecosystem, recognizing the leading security solutions that combine with Sysdig to help customers prioritize and respond to critical security risks.
Nokod Security announced the general availability of the Nokod Security Platform.
Drata has acquired oak9, a cloud native security platform, and released a new capability in beta to seamlessly bring continuous compliance into the software development lifecycle.
Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.