Parasoft announces the opening of its new office in Northeast Ohio.
GitGuardian, is joining the Snyk Technology Alliance Partner Program.
The new partnership enables Snyk and GitGuardian to build, integrate and go to market together to help development and security teams scale their security programs and significantly reduce their applications' attack surface at every stage of the code-to-cloud lifecycle.
“GitGuardian and Snyk share the same mission: helping developers build and deploy secure applications in a cloud-native world. We also share the same success; GitGuardian and Snyk are the two most installed GitHub security apps, totaling more than 70% of the downloads in their category. We’re excited to join the Snyk Technology Alliance Partner Program and provide our advanced secrets detection and remediation to Snyk’s user base,” said Eric Fourrier, CEO and Founder of GitGuardian.
“GitGuardian’s advanced secrets detection technology detects, alerts, and prevents hardcoded secrets in the software delivery pipeline,” said Jill Wilkins, Senior Director, Global Technology Alliances, Snyk. “Joined with Snyk’s ability to secure all of the critical components of applications from code to cloud, organizations are able to mitigate risks both early in development plus prevent secrets sprawl across the software supply chain. This combination greatly improves the overall hygiene of your code security posture.”
GitGuardian and Snyk have adopted parallel strategies to bridge developer and security silos. GitGuardian’s approach, dubbed “The AppSec Shared Responsibility Model,” has helped the company successfully deploy secrets detection programs for organizations with thousands of developers by:
- Providing security teams with complete visibility and continuous assessment of their software supply chain’s security posture.
- Combining contextual security insights and automated remediation workflows, enabling security engineers to prioritize and relay hardcoded secrets incidents to developers quickly.
- Empowering developers to fix vulnerabilities by themselves in a guided remediation process and prevent new ones by integrating secrets scanning in their workflows.
In addition, both companies are committed to delivering a best-in-class developer experience, which has resulted in their platforms being the most downloaded applications in the security category of the GitHub Marketplace, with GitGuardian and Snyk ranking first and second, respectively.
Industry News
Postman released v11, a significant update that speeds up development by reducing collaboration friction on APIs.
Sysdig announced the launch of the company’s Runtime Insights Partner Ecosystem, recognizing the leading security solutions that combine with Sysdig to help customers prioritize and respond to critical security risks.
Nokod Security announced the general availability of the Nokod Security Platform.
Drata has acquired oak9, a cloud native security platform, and released a new capability in beta to seamlessly bring continuous compliance into the software development lifecycle.
Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.