Parasoft announces the opening of its new office in Northeast Ohio.
Secure Code Warrior joined GitLab’s global partner program.
As part of the partnership, Secure Code Warrior will make its learning platform capabilities available to developers on GitLab’s DevOps Platform, supporting a developer-led security approach.
Additionally, this integration will enhance real-time secure coding guidance that is pivotal when detecting and fixing vulnerabilities efficiently.
Secure Code Warrior Co-founder and CEO, Pieter Danhieux, said: “Developers are expected to deliver code faster than ever before, which can make security oftentimes an afterthought. However, if developers can get actionable secure coding guidance throughout their workflows, they’ll be enabled to find and fix vulnerabilities whilst taking their security knowledge to the next level ...”
Secure Code Warrior’s goal is to embed security into developers’ workflow, assisting them to rise to the challenge of creating a higher standard of code quality. The current culture around the role of the developer in security best practices is, in most organizations, limited at best. However, with true developer enablement - implemented in a way that makes sense in their world - organizations can ignite a passion for cyber defense through secure coding, maximizing developer’s productivity and code quality.
“Security has become top of mind for many organizations; however, software development teams still contend with increasingly complicated security policies and sophisticated tools just to prevent potential vulnerabilities from slipping into production. By offering Secure Code Warrior’s contextual learning across secure coding in our DevOps Platform, we provide another tool for developers to utilize as they take more ownership and control of establishing security practices earlier in the development chain.” said Nima Badiey, VP of Global Alliances at GitLab.
Industry News
Postman released v11, a significant update that speeds up development by reducing collaboration friction on APIs.
Sysdig announced the launch of the company’s Runtime Insights Partner Ecosystem, recognizing the leading security solutions that combine with Sysdig to help customers prioritize and respond to critical security risks.
Nokod Security announced the general availability of the Nokod Security Platform.
Drata has acquired oak9, a cloud native security platform, and released a new capability in beta to seamlessly bring continuous compliance into the software development lifecycle.
Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.