Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
LDRA announced integration with Amazon Web Services (AWS) to help small- and medium-sized organizations more efficiently deploy security into the earliest stages of software development.
AWS is a cloud-hosted development and deployment solution that offers more than 200 fully featured services from global data centers. Millions of customers, including startups, large enterprises and leading government agencies, develop with AWS to lower cost, become more agile and innovate faster. The LDRA tool suite adds testing to the AWS cloud pipeline to more efficiently assess an operation, a file or groups of operations/files while also helping focus. The integration of LDRA tools to AWS’ existing testing tools improves software robustness, enhances security and delivers faster time to market.
“With advanced cloud-development platforms like AWS, even the smallest organization can build software that is high quality, safe and secure without the need for expensive servers and infrastructure,” said Ian Hennell, Operations Director, LDRA. “Couple AWS with an analysis and testing tool like our tool suite, and they can easily test and analyze the software for any security holes so they can be fixed long before they get to market.”
This LDRA/AWS integration, a model for integration in public and private clouds, brings development, security and operations together to improve efficiencies and automation from the start. Using the LDRA tool suite with AWS lets them execute security tests more efficiently across one or many tasks in parallel. This is especially critical for organizations where security is critical, including a large US-hosted defense contractor who recently moved to AWS for Defense.
“As we see customers transition their traditional infrastructure to AWS and AWS for Defense, LDRA's ability to interoperate in a cloud environment has become increasingly important,” Hennell added. “Our tool suite can run in traditional AWS, AWS GovCloud and AWS GovCloud with ITAR restrictions, helping customers meet their security needs regardless of which version of the AWS they’ve deployed.”
LDRA tool suite supports multiple on-premises, cloud-hosted deployment options
In addition to AWS, the LDRA tool suite supports other on-premises and cloud-hosted deployment options such as Wind River Studio and Azure DevOps platforms to support environment hardening and simplifying achieving security at scale. Deployment options include hardened “Zero Trust” environments that rely on always available “known good” containers, eliminating systemic vulnerabilities.
Industry News
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.
OpenText™ announced a solution to long-standing open source intake challenges, OpenText Debricked Open Source Select.
ThreatX has extended its Runtime API and Application Protection (RAAP) offering to provide always-active API security from development to runtime, spanning vulnerability detection at Dev phase to protection at SecOps phase of the software lifecycle.
Canonical announced the release of Ubuntu 24.04 LTS, codenamed “Noble Numbat.”
JFrog announced a new machine learning (ML) lifecycle integration between JFrog Artifactory and MLflow, an open source software platform originally developed by Databricks.
Copado announced the general availability of Test Copilot, the AI-powered test creation assistant.
SmartBear has added no-code test automation powered by GenAI to its Zephyr Scale, the solution that delivers scalable, performant test management inside Jira.
Opsera announced that two new patents have been issued for its Unified DevOps Platform, now totaling nine patents issued for the cloud-native DevOps Platform.
mabl announced the addition of mobile application testing to its platform.
Spectro Cloud announced the achievement of a new Amazon Web Services (AWS) Competency designation.
GitLab announced the general availability of GitLab Duo Chat.