MacStadium announced that it has obtained Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR) Level 1, meaning that MacStadium has publicly documented its compliance with CSA’s Cloud Controls Matrix (CCM), and that it joined the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
New Relic IAST Adds Proof-of-Exploit Reporting for Application Security
March 13, 2024
New Relic launched new capabilities for New Relic IAST (Interactive Application Security Testing), including proof-of-exploit reporting for application security testing.
New Relic customers can now identify exploitable vulnerabilities with an ability to reproduce the problem and remediate the specific threat vector before shipping new code. This enables security and engineering teams to focus on real application security problems with zero false positives, as validated by the OWASP benchmark result of 100% accuracy.
“Security must be ingrained in the development culture, not just added on. New Relic IAST offers engineering and IT teams the ability to identify real application security risks with the same platform they use to monitor application performance,” said New Relic Chief Product Officer Manav Khurana. “It strengthens DevSecOps by bringing developers and security teams together to write secure code that defends against the threats of tomorrow and promotes a proactive stance on security. For well over a decade, the New Relic full-stack observability platform has bridged organizational silos by providing a single, trusted source of truth and unified user workflows – and now New Relic IAST furthers this mission.”
New updates include:
- Proof-of-exploit reporting: Find, fix, and verify exploitable vulnerabilities with dynamic assessment capabilities that pinpoint the API calls, method calls, and traces with vulnerabilities by simulating real-world attacks.
- Secure by design: The new risk exposure and assessment feature provides visibility into every code change showing potential vs. detected exposures so developers can quickly replicate, remediate, and validate fixes.
- Instant ROI: New Relic IAST is the only application security solution available out of the box in a full consumption model, so users no longer pay for security shelfware that can take months to deploy.
- Instant Impact Analysis: Know the number of applications impacted by a vulnerability and the potential severity of the identified risk with APM telemetry integrated with vulnerability management.
IAST is native to the New Relic all-in-one observability platform, which eliminates the need for additional agents, and it is now generally available in a usage-based pricing model.
Industry News
May 08, 2024
The Cloud Native Computing Foundation® (CNCF®) released the two-day schedule for CloudNativeSecurityCon North America 2024 happening in Seattle, Washington from June 26-27, 2024.
May 08, 2024
Sumo Logic announced new AI and security analytics capabilities that allow security and development teams to align around a single source of truth and collect and act on data insights more quickly.
May 08, 2024
Red Hat is announcing an optional additional 12-month EUS term for OpenShift 4.14 and subsequent even-numbered Red Hat OpenShift releases in the 4.x series.
May 08, 2024
HAProxy Technologies announced the launch of HAProxy Enterprise 2.9.
May 08, 2024
ArmorCode announced the general availability of AI Correlation in the ArmorCode ASPM Platform.
May 08, 2024
Octopus Deploy launched new features to help simplify Kubernetes CD at scale for enterprises.
May 08, 2024
Cequence announced multiple ML-powered advancements to its Unified API Protection (UAP) platform.
May 07, 2024
Oracle announced plans for Oracle Code Assist, an AI code companion, to help developers boost velocity and enhance code consistency.
May 07, 2024
New Relic launched Secure Developer Alliance.
May 07, 2024
Dynatrace is enhancing its platform with new Kubernetes Security Posture Management (KSPM) capabilities for observability-driven security, configuration, and compliance monitoring.
May 07, 2024
Red Hat announced advances in Red Hat OpenShift AI, an open hybrid artificial intelligence (AI) and machine learning (ML) platform built on Red Hat OpenShift that enables enterprises to create and deliver AI-enabled applications at scale across hybrid clouds.
May 07, 2024
ServiceNow is introducing new capabilities to help teams create apps and scale workflows faster on the Now Platform and to boost developer and admin productivity.
May 06, 2024
Red Hat and Oracle announced the general availability of Red Hat OpenShift on Oracle Cloud Infrastructure (OCI) Compute Virtual Machines (VMs).
May 06, 2024
The Software Engineering Institute at Carnegie Mellon University announced the release of a tool to give a comprehensive visualization of the complete DevSecOps pipeline.
