Red Hat and Oracle announced the general availability of Red Hat OpenShift on Oracle Cloud Infrastructure (OCI) Compute Virtual Machines (VMs).
Rezilion announced the release of its new Smart Fix feature in the Rezilion platform, which offers critical guidance so users can understand the most strategic, not just the most recent, upgrade to fix vulnerable components.
Smart Fix offers guidance on the best update version available to patch all CVEs with the lowest likelihood of breaking applications or infrastructure, shrinking operational risk and minimizing downtime. The guidance also allows users to clear out clutter and complexity and create policies and automation to prioritize the smartest (not just the most recent) fix available. This leads to faster remediation workflows to minimize exposure time. Developers can focus on fixing components that are possible to fix with clear instructions on what they need to fix right the first time, avoiding time-consuming rounds of research and rollbacks.
Through Rezilion's platform, Smart Fix tells you not only what and where to fix but HOW to eliminate both CVEs and operational risks simultaneously – and get the work done automatically. The feature is one of a series of recent platform enhancements aimed at improving and accelerating software supply chain security.
"We believe that too much time is spent on security – especially when it comes to software," said Liran Tancman, CEO, Rezilion. "That's why we're releasing Smart Fix, which will allow customers to apply the best upgrade available that will not break their build, while addressing multiple, exploitable vulnerabilities with one patch, saving everybody time."
Industry News
The Software Engineering Institute at Carnegie Mellon University announced the release of a tool to give a comprehensive visualization of the complete DevSecOps pipeline.
Synopsys has entered into a definitive agreement with Clearlake Capital Group, L.P. and Francisco Partners.
Postman released v11, a significant update that speeds up development by reducing collaboration friction on APIs.
Sysdig announced the launch of the company’s Runtime Insights Partner Ecosystem, recognizing the leading security solutions that combine with Sysdig to help customers prioritize and respond to critical security risks.
Nokod Security announced the general availability of the Nokod Security Platform.
Drata has acquired oak9, a cloud native security platform, and released a new capability in beta to seamlessly bring continuous compliance into the software development lifecycle.
Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.