Parasoft announces the opening of its new office in Northeast Ohio.
Tenable announced new Tenable Cloud Security features that deliver automated operating system (OS) vulnerability detection across container images, registries and pipelines.
Building on existing exposure management capabilities, Tenable Cloud Security enables security teams to prevent OS vulnerabilities and other risks from being deployed in runtime environments.
Tenable Cloud Security agentless container scanning enables security teams to prioritize and prevent container OS vulnerabilities and other risks in multi-cloud environments using a single user interface. Security teams can leverage the same OS vulnerability detection they’ve come to trust from Tenable for container images. By focusing on scanning images stored in container image registries and as part of DevOps workflows and pipelines, security teams can stop risky images from being deployed to production, reduce alert noise and scale container adoption across their organization safely and securely.
Tenable’s approach to container OS vulnerability management enables customers to:
- Gain complete visibility by monitoring, reporting and remediating vulnerabilities across the container deployment lifecycle in one place.
- Prevent exposures and reduce alert noise by embedding security controls into pipelines, stopping risky images from being deployed and auto-generating pull requests.
- Drive scale and efficiency by employing a single-policy framework that enables security teams to create preventive policies for system host vulnerabilities the same way they do for infrastructure misconfigurations.
Industry News
Postman released v11, a significant update that speeds up development by reducing collaboration friction on APIs.
Sysdig announced the launch of the company’s Runtime Insights Partner Ecosystem, recognizing the leading security solutions that combine with Sysdig to help customers prioritize and respond to critical security risks.
Nokod Security announced the general availability of the Nokod Security Platform.
Drata has acquired oak9, a cloud native security platform, and released a new capability in beta to seamlessly bring continuous compliance into the software development lifecycle.
Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.