Gearset announced its new CI/CD solution, Long Term Projects in Pipelines.
Dynatrace enhanced its Application Security Module to provide real-time, automatic attack detection and blocking to protect against injection attacks that exploit critical vulnerabilities, such as Log4Shell.
This builds on existing capabilities, which include automatic detection of runtime vulnerabilities in cloud-native applications and container workloads. As a result, organizations can protect their applications in real time and increase DevSecOps automation, allowing them to strengthen the security of their digital services and accelerate throughput.
Dynatrace Smartscape provides a continuously and automatically updated topology, and Davis, the Dynatrace platform’s AI engine, provides real-time visibility and prioritization of vulnerabilities. This combination enables Dynatrace to strengthen the security of applications with:
- Precise identification and prioritization of vulnerabilities – Providing teams with a clear understanding of the most important vulnerabilities to address and eliminating the time they spend chasing false positives.
- Proactive remediation of vulnerabilities – Achieved through integration into DevOps toolchains, including offerings such as Atlassian, Slack, and ServiceNow.
- Automatic attack detection and blocking – Delivering runtime application self-protection for key Open Web Application Security Project (OWASP) threats, including SQL injections and command injections.
“Organizations are working to improve security posture through application security testing and DevSecOps processes, but it's not enough for highly dynamic cloud-native environments,” said Steve Tack, SVP of Product Management, Dynatrace. “To enable our customers to be proactive, innovative, and secure, we are thrilled to add the ability to automatically block attacks in real time to our existing strengths – identifying and prioritizing vulnerabilities. With Dynatrace’s intelligence and automation, organizations can reduce risk across the software development lifecycle, accelerate throughput, and secure modern cloud workloads and applications.”
These enhancements will be generally available within 120 days.
Industry News
Rafay Systems has extended the capabilities of its enterprise PaaS for modern infrastructure to support graphics processing unit- (GPU-) based workloads.
NodeScript, a free, low-code developer environment for workflow automation and API integration, is released by UBIO.
IBM announced IBM Test Accelerator for Z, a solution designed to revolutionize testing on IBM Z, a tool that expedites the shift-left approach, fostering smooth collaboration between z/OS developers and testers.
StreamNative launched Ursa, a Kafka-compatible data streaming engine built on top of lakehouse storage.
GitKraken acquired code health innovator, CodeSee.
ServiceNow introduced a new no‑code development studio and new automation capabilities to accelerate and scale digital transformation across the enterprise.
Security Innovation has added new skills assessments to its Base Camp training platform for software security training.
CAST introduced CAST Highlight Extensions Marketplace — an integrated marketplace for the software intelligence product where users can effortlessly browse and download a diverse range of extensions and plugins.
Red Hat and Elastic announced an expanded collaboration to deliver next-generation search experiences supporting retrieval augmented generation (RAG) patterns using Elasticsearch as a preferred vector database solution integrated on Red Hat OpenShift AI.
Traceable AI announced an Early Access Program for its new Generative AI API Security capabilities.
StackHawk announced a new integration with Microsoft Defender for Cloud to help organizations build software more securely.
MacStadium announced that it has obtained Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR) Level 1, meaning that MacStadium has publicly documented its compliance with CSA’s Cloud Controls Matrix (CCM), and that it joined the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
The Cloud Native Computing Foundation® (CNCF®) released the two-day schedule for CloudNativeSecurityCon North America 2024 happening in Seattle, Washington from June 26-27, 2024.
Sumo Logic announced new AI and security analytics capabilities that allow security and development teams to align around a single source of truth and collect and act on data insights more quickly.