Accurics Integrates with GitLab
June 14, 2021

Accurics announced a technology partnership with GitLab as well as the general availability of its integration with GitLab's Static Application Security Testing (SAST) solution.

Accurics leverages the integration with GitLab to provide DevSecOps teams with a holistic, contextualized view of application and infrastructure risks. Organizations can now establish and programmatically enforce consistent risk management policies throughout the Software Development Lifecycle (SDLC) while minimizing the effort and expense of manual triage and investigation.

Cloud infrastructure and applications are traditionally deployed from two separate pipelines, which dissociates application security vulnerabilities from Infrastructure as Code (IaC) misconfigurations. As a result, developers are often left with a long list of vulnerabilities and misconfigurations to fix without the context required to prioritize remediation of those vulnerabilities and misconfigurations that could actually be exploited.

“The most effective innovation is often incremental – for example, new capabilities and additional functionality accompanied by relevant security advances,” said Om Moolchandani, Co-founder, CTO & CISO at Accurics. “In this environment, we see diverse and largely unconnected vulnerabilities and misconfigurations, collectively producing a level of noise that makes identifying the most serious risks vital but difficult. The partnership with GitLab serves to add greater context to every layer of code and strengthens the security risk posture throughout the extended development lifecycle.”

The integration with GitLab helps Accurics users overcome these challenges by correlating IaC, cloud, and SAST vulnerabilities to help mitigate risk throughout the SDLC and generate a threat score. This threat score can be used by policy guardrails established with Policy as Code, blocking the riskiest builds from being deployed into production while providing insight into less risky problems that don't warrant breaking the build. As a result, developers are able to focus resources on remediating the most immediate threats first.

“The growing adoption of GitOps practices and Infrastructure as Code necessitates scalable risk management tools,” said Nima Badiey, VP, Global Alliances at GitLab. “The integration between GitLab and Accurics will help customers to programmatically define infrastructure and risk management policies more effectively throughout the software development lifecycle.”

Share this

Industry News

March 13, 2025

Progress is offering over 50 enterprise-grade UI components from Progress® KendoReact™, a React UI library for business application development, for free.

March 13, 2025

Opsera announced a new Leadership Dashboard capability within Opsera Unified Insights.

March 13, 2025

Cycloid announced the introduction of Components, a new management layer enabling a modular, structured approach to managing cloud resources within the Cycloid engineering platform.

March 12, 2025

ServiceNow unveiled the Yokohama platform release, including ServiceNow Studio which provides a unified workspace for rapid application development and governance.

March 12, 2025

Sonar announced the upcoming availability of SonarQube Advanced Security.

March 12, 2025

ScaleOut Software introduces generative AI and machine-learning (ML) powered enhancements to its ScaleOut Digital Twins™ cloud service and on-premises hosting platform with the release of Version 4.

March 11, 2025

Kurrent unveiled a developer-centric evolution of Kurrent Cloud that transforms how developers and dev teams build, deploy and scale event-native applications and services.

March 11, 2025

ArmorCode announced the launch of two new apps in the ServiceNow Store.

March 10, 2025

Parasoft(link is external) is accelerating the release of its C/C++test 2025.1 solution, following the just-published MISRA C:2025 coding standard.

March 10, 2025

GitHub is making GitHub Advanced Security (GHAS) more accessible for developers and teams of all sizes.

March 10, 2025

ArmorCode announced the enhanced ArmorCode Partner Program, highlighting its goal to achieve a 100 percent channel-first sales model.

March 06, 2025

Parasoft(link is external) is showcasing its latest product innovations at embedded world Exhibition, booth 4-318(link is external), including new GenAI integration with Microsoft Visual Studio Code (VS Code) to optimize test automation of safety-critical applications while reducing development time, cost, and risk.

March 06, 2025

JFrog announced general availability of its integration with NVIDIA NIM microservices, part of the NVIDIA AI Enterprise software platform.

March 06, 2025

CloudCasa by Catalogic announce an integration with SUSE® Rancher Prime via a new Rancher Prime Extension.

March 05, 2025

MacStadium(link is external) announced the extended availability of Orka(link is external) Cluster 3.2, establishing the market’s first enterprise-grade macOS virtualization solution available across multiple deployment options.