Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
Opsera Salesforce DevOps Platform Enables Secure and Resilient Salesforce Releases
February 16, 2023
Opsera announced the latest enhancements to its Salesforce DevOps platform that ensures the highest security and compliance standards are met for Salesforce releases through source-driven development and native integrations with security tools.
Securing and maintaining Salesforce releases is a major challenge for engineering teams. Every change and additional tool in the pipeline introduces complex and manual work. Today's modern CI/CD environments prioritize speed of releases, meaning security often becomes an afterthought, is addressed late in the release process, or ignored entirely.
With Opsera, security is built-in by design with templatized workflows to add vital security and authenticity checks, customizable gates, thresholds, and other quality controls throughout the Salesforce release process. Opsera enables secure Salesforce releases through:
■ Source-Driven Development: Opsera's source-driven development allows developers to continuously deliver changes to the Salesforce platform in an efficient and controlled manner. Unlike other Salesforce DevOps platforms, Opsera integrates with existing DevOps toolchains including source code management tools, git scanners, code scanners, test automation and more – along with governance processes.
■ Security Tool Integrations: Opsera's Salesforce DevOps platform integrates with CodeAnalyzer, SonarQube and any native static application security testing (SAST) to scan apex code for code coverage, bugs, vulnerabilities, best practices, etc. Opsera also includes a native Hashicorp Vault integration for credentials management in a single click.
■ Static Code Analysis: Static code analysis gives programmers a better grasp of their code base and ensures it is secure and compliant. With Opsera, users easily connect Git accounts inside Opsera pipelines and quickly check the quality of their code using a native code analyzer or tools like SonarQube.
■ Scan for Secrets: Opsera's GitCustodian focuses on Git security to prevent secrets, tokens or any other sensitive information from being leaked. GitCustodian verifies that there are fewer vulnerabilities and coding problems by scanning all branches in private repositories. GitCustodian is a free tool which can be downloaded here with no login required.
"Salesforce releases are cumbersome and challenging to secure," said Kumar Chivukula, CEO and co-founder of Opsera. "With Opsera's Salesforce DevOps platform, Salesforce developers, architects and admins are enabled to improve security, agility and productivity significantly. They can go to market faster by 65% and improve security and quality posture by 60%."
Industry News
May 01, 2024
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
May 01, 2024
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
May 01, 2024
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
May 01, 2024
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
April 30, 2024
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
April 30, 2024
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
April 30, 2024
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
April 29, 2024
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
April 29, 2024
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.
April 29, 2024
OpenText™ announced a solution to long-standing open source intake challenges, OpenText Debricked Open Source Select.
April 29, 2024
ThreatX has extended its Runtime API and Application Protection (RAAP) offering to provide always-active API security from development to runtime, spanning vulnerability detection at Dev phase to protection at SecOps phase of the software lifecycle.
April 29, 2024
Canonical announced the release of Ubuntu 24.04 LTS, codenamed “Noble Numbat.”
April 25, 2024
JFrog announced a new machine learning (ML) lifecycle integration between JFrog Artifactory and MLflow, an open source software platform originally developed by Databricks.
April 25, 2024
Copado announced the general availability of Test Copilot, the AI-powered test creation assistant.
