Gearset announced its new CI/CD solution, Long Term Projects in Pipelines.
Sysdig Partners With Snyk
March 03, 2022
Sysdig and Snyk announced the integration of Sysdig Secure with Snyk Container to cover container security from development through operations.
Based on initial internal testing, this integration allows teams to eliminate up to 95 percent of vulnerability alerts using runtime intelligence from Sysdig Secure with Snyk Container.
With this partnership, Sysdig and Snyk bring together container runtime and developer security tools, for an integration that bridges developer, DevOps, and SecOps silos. Sysdig runtime context provides Snyk users the ability to quickly pinpoint exploitable packages that are active in production applications. The integration aligns developer, operations, and security teams on which vulnerabilities to prioritize fixing first, focusing scarce developer resources on the biggest risks.
Developers are overwhelmed with vulnerabilities and don’t know where to focus remediation efforts. Attempting to wade through the unmanageable number of issues is noise that takes precious time away from coding and leaves organizations open to risk. By understanding business impact, as well as severity score, teams can fix the most critical issues first.
Security and operations teams responsible for monitoring the runtime environment need the container and Kubernetes visibility required to flag newly identified vulnerabilities for workloads running in production. They also need to detect threats attacking vulnerabilities that have not been fixed, and to stay ahead of zero-day exploits.
Sysdig’s unique container visibility and threat protection and Snyk’s developer-first tooling pair accurate runtime threat protection with early detection and vulnerability management. By bringing this information into the development pipeline, Sysdig and Snyk are in a unique position to help development teams instantly eliminate up to 95 percent of the vulnerabilities that would otherwise demand their attention.
Sysdig and Snyk’s new collaboration helps organizations more effectively remove the security barriers that stand in the way of faster innovation.
This is accomplished by:
- Securing the entire container lifecycle: Every aspect of the container and Kubernetes lifecycle is now covered — from the most secure base images to detecting and prioritizing which vulnerabilities require attention, to monitoring running workloads for real-time threats and new vulnerabilities.
- Building securely from the start: Snyk’s security insights and automated remediation are seamlessly integrated to more easily find, prioritize, and fix vulnerabilities in containers and open source dependencies.
- Protecting against runtime threats: Sysdig’s runtime security, based on open source Falco, detects threats across containers and Kubernetes, and captures detailed activity, enabling teams to accelerate incident response.
- Prioritizing the security alerts that matter most: With the integration of Snyk and Sysdig, organizations can quickly pinpoint exploitable packages that are active in production applications. This enables organizations to prioritize container vulnerabilities that pose the greatest risk, reducing noise and overall risk to gain developer speed and efficiency.
Industry News
May 15, 2024
Rafay Systems has extended the capabilities of its enterprise PaaS for modern infrastructure to support graphics processing unit- (GPU-) based workloads.
May 15, 2024
NodeScript, a free, low-code developer environment for workflow automation and API integration, is released by UBIO.
May 14, 2024
IBM announced IBM Test Accelerator for Z, a solution designed to revolutionize testing on IBM Z, a tool that expedites the shift-left approach, fostering smooth collaboration between z/OS developers and testers.
May 14, 2024
StreamNative launched Ursa, a Kafka-compatible data streaming engine built on top of lakehouse storage.
May 14, 2024
GitKraken acquired code health innovator, CodeSee.
May 13, 2024
ServiceNow introduced a new no‑code development studio and new automation capabilities to accelerate and scale digital transformation across the enterprise.
May 13, 2024
Security Innovation has added new skills assessments to its Base Camp training platform for software security training.
May 13, 2024
CAST introduced CAST Highlight Extensions Marketplace — an integrated marketplace for the software intelligence product where users can effortlessly browse and download a diverse range of extensions and plugins.
May 09, 2024
Red Hat and Elastic announced an expanded collaboration to deliver next-generation search experiences supporting retrieval augmented generation (RAG) patterns using Elasticsearch as a preferred vector database solution integrated on Red Hat OpenShift AI.
May 09, 2024
Traceable AI announced an Early Access Program for its new Generative AI API Security capabilities.
May 09, 2024
StackHawk announced a new integration with Microsoft Defender for Cloud to help organizations build software more securely.
May 08, 2024
MacStadium announced that it has obtained Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR) Level 1, meaning that MacStadium has publicly documented its compliance with CSA’s Cloud Controls Matrix (CCM), and that it joined the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
May 08, 2024
The Cloud Native Computing Foundation® (CNCF®) released the two-day schedule for CloudNativeSecurityCon North America 2024 happening in Seattle, Washington from June 26-27, 2024.
May 08, 2024
Sumo Logic announced new AI and security analytics capabilities that allow security and development teams to align around a single source of truth and collect and act on data insights more quickly.
