Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
Tripwire Debuts Container Analyzer Service
April 16, 2018
Tripwire announced the debut of its Container Analyzer Service, a DevOps solution for scanning vulnerabilities in the build phase, now available for beta customers.
The early access program for Tripwire’s Container Analyzer Service now embeds security at the beginning of the DevOps process. During the build phase, it can be used to perform complete vulnerability analysis of Docker images, systematically approving images or preventing further use of them.
"With the new Container Analyzer Service, Tripwire helps address security needs throughout the entire DevOps life cycle – from build to production," said Tim Erlin, VP of Product Management and Strategy at Tripwire. "It's critical that security controls work at the speed of DevOps, and we're excited to provide security teams with the tools that help them address the continuous and rapid release of new applications and services.”
Images are built earlier in the DevOps process and are the basis for building a container – a runtime instance of an image. The Container Analyzer Service combines with continuous integration (CI) and continuous deployment (CD) tools to perform vulnerability scanning at each layer of the Docker image.
This new capability builds upon Tripwire's existing capabilities for scanning online, offline and non-running Docker containers later in the DevOps life cycle. Scanning for vulnerabilities throughout the life cycle is important as change happens frequently and rapidly through the DevOps process.
In addition to delivering this enhanced visibility into vulnerabilities, Tripwire also provides integration with the DevOps toolchain for initiating scans, securing the build pipeline infrastructure, and monitoring for changes throughout the continuous deployment life cycle.
Industry News
May 01, 2024
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
May 01, 2024
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
May 01, 2024
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
May 01, 2024
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
April 30, 2024
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
April 30, 2024
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
April 30, 2024
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
April 29, 2024
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
April 29, 2024
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.
April 29, 2024
OpenText™ announced a solution to long-standing open source intake challenges, OpenText Debricked Open Source Select.
April 29, 2024
ThreatX has extended its Runtime API and Application Protection (RAAP) offering to provide always-active API security from development to runtime, spanning vulnerability detection at Dev phase to protection at SecOps phase of the software lifecycle.
April 29, 2024
Canonical announced the release of Ubuntu 24.04 LTS, codenamed “Noble Numbat.”
April 25, 2024
JFrog announced a new machine learning (ML) lifecycle integration between JFrog Artifactory and MLflow, an open source software platform originally developed by Databricks.
April 25, 2024
Copado announced the general availability of Test Copilot, the AI-powered test creation assistant.
