Parasoft announces the opening of its new office in Northeast Ohio.
Palo Alto Networks introduced the CI/CD Security module to provide integrated software delivery pipeline security as part of our code-to-cloud capabilities in Prisma Cloud's CNAPP platform.
By securing the CI/CD environment and protecting against open source vulnerabilities with software composition analysis, Prisma Cloud is the most complete security platform for seamlessly protecting the entire engineering ecosystem.
The CI/CD Security module enables DevOps and security teams to better collaborate and improve security outcomes throughout the application life cycle. By adding CI/CD Security into the Prisma Cloud platform that already includes — Secrets Scanning, Software Composition Analysis, Infrastructure as Code Security — organizations are able to optimize security and risk prevention throughout the entire software delivery pipeline, achieving a holistic and comprehensive security oversight which cannot be achieved with individual, siloed solutions.
Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks, said: "A major challenge in securing CI/CD pipelines is visibility. The myriad of third-party tools and applications running in development environments makes it almost impossible for security teams to determine if they are correctly configured. The integration of Cider's capabilities secures the CI/CD environment and gives Prisma Cloud customers the ability to analyze individual tools, visualize how they interact with applications and each other, and identify and remediate risks."
The Prisma Cloud CI/CD Security module will be available this Summer, 2023.
Industry News
Postman released v11, a significant update that speeds up development by reducing collaboration friction on APIs.
Sysdig announced the launch of the company’s Runtime Insights Partner Ecosystem, recognizing the leading security solutions that combine with Sysdig to help customers prioritize and respond to critical security risks.
Nokod Security announced the general availability of the Nokod Security Platform.
Drata has acquired oak9, a cloud native security platform, and released a new capability in beta to seamlessly bring continuous compliance into the software development lifecycle.
Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.