Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
Styra introduced Repo Scan as the newest feature in the Styra Declarative Authorization Service (DAS).
With this new addition, Styra now provides near-instant scanning of configuration files in GitHub, so that Platform teams have the power to proactively prevent errors from making their way into production.
Styra now provides a simple, efficient way for developers and platform teams to check their configuration files for human error, mismanagement or simple deployment gaps. This ensures potential attackers don’t have the ability to exploit configuration errors, and “walk through the front door” of today’s software-defined infrastructure.
“No human can keep up with scanning thousands of lines of code, with infinite repetition, to ensure configuration changes and app updates don’t have unintended consequences.” says Chris Hendrix, Director of Product Management at Styra. “At Styra, we want to make our users’ jobs easier while ensuring that the applications and infrastructure they’re building is secure and compliant. This new addition to Styra DAS lets our customers shift their security policy left, all the way to code check-in time, to catch errors even earlier, and remediate risk from the start.”
Repo Scan gives Platform teams a near-instant solution for scanning policy-as-code files in GitHub then quickly finds and flags issues to minimize the possibility of risk to security, compliance or availability. This new capability means Styra customers can:
- Quickly find errors within seconds and prove those errors have been fixed with dynamic compliance reporting
- Empower developers and enable tooling diversity using OPA-based policy that is fully extensible across platforms and tooling
- Enhance productivity with automated policy enforcement that monitors and enforces policy guardrails from GitHub check in, to CICD, to production deployment
Industry News
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.
OpenText™ announced a solution to long-standing open source intake challenges, OpenText Debricked Open Source Select.
ThreatX has extended its Runtime API and Application Protection (RAAP) offering to provide always-active API security from development to runtime, spanning vulnerability detection at Dev phase to protection at SecOps phase of the software lifecycle.
Canonical announced the release of Ubuntu 24.04 LTS, codenamed “Noble Numbat.”
JFrog announced a new machine learning (ML) lifecycle integration between JFrog Artifactory and MLflow, an open source software platform originally developed by Databricks.
Copado announced the general availability of Test Copilot, the AI-powered test creation assistant.
SmartBear has added no-code test automation powered by GenAI to its Zephyr Scale, the solution that delivers scalable, performant test management inside Jira.
Opsera announced that two new patents have been issued for its Unified DevOps Platform, now totaling nine patents issued for the cloud-native DevOps Platform.
mabl announced the addition of mobile application testing to its platform.
Spectro Cloud announced the achievement of a new Amazon Web Services (AWS) Competency designation.
GitLab announced the general availability of GitLab Duo Chat.