Check Point® Software Technologies Ltd.(link is external) announced that its Infinity Platform has been named the top-ranked AI-powered cyber security platform in the 2025 Miercom Assessment.
Accurics unveiled a major upgrade to Terrascan, the open source static code analyzer that enables developers to build secure infrastructure as code (IaC).
The new release ensures Terraform templates avoid common security pitfalls in popular cloud providers such as AWS, Azure, and Google Cloud Platform. Built-in extensibility will enable support for other popular technologies such as AWS CloudFormation, Kubernetes, service mesh and serverless.
The new Terrascan architecture leverages the Open Policy Agent (OPA) engine from CNCF, which dramatically simplifies policy definition for developers that want to create custom policies as well as provides over 500 out-of-the-box policies for the CIS Benchmark.
“The rapid adoption of Infrastructure as Code is clearly meeting its intended goal: to help organizations achieve more reliability by programmatically embedding policy checks earlier in the development lifecycle,” said Cesar Rodriguez, head of Developer Advocacy at Accurics. “This is vital in an environment where the scale and velocity of cloud breaches is constantly increasing, and organizations are required to implement policy guardrails to ensure that cloud native infrastructure is securely defined and managed. Terrascan is already playing a key role in this process within many organizations, and the newest iteration takes these important capabilities much further.”
Terrascan is now available as a GitHub Action and is included in the popular Super-Linter GitHub Action. It can be installed as a pre-commit hook to help detect issues before code is pushed into your repository, and also integrated into the CI/CD pipeline.
Terrascan enhances the value of IaC used by organizations to define and manage cloud infrastructure. It emerged from a search for a scalable way to ensure that cloud infrastructure was configured in adherence with security best practices. Terrascan has already been downloaded by hundreds of developers to programmatically scan Terraform code (IaC) during development in order to track policy violations. It helps identify issues such as:
- Missing or misconfigured encryption on resources and communication
- Security Groups left open to the internet
- Inadvertent exposure of cloud services
- Insufficient logging for audit and compliance
Industry News
Orca Security announced the Orca Bitbucket App, a cloud-native seamless integration for scanning Bitbucket Repositories.
The Live API for Gemini models is now in Preview, enabling developers to start building and testing more robust, scalable applications with significantly higher rate limits.
Backslash Security(link is external) announced significant adoption of the Backslash App Graph, the industry’s first dynamic digital twin for application code.
SmartBear launched API Hub for Test, a new capability within the company’s API Hub, powered by Swagger.
Akamai Technologies introduced App & API Protector Hybrid.
Veracode has been granted a United States patent for its generative artificial intelligence security tool, Veracode Fix.
Zesty announced that its automated Kubernetes optimization platform, Kompass, now includes full pod scaling capabilities, with the addition of Vertical Pod Autoscaler (VPA) alongside the existing Horizontal Pod Autoscaler (HPA).
Check Point® Software Technologies Ltd.(link is external) has emerged as a leading player in Attack Surface Management (ASM) with its acquisition of Cyberint, as highlighted in the recent GigaOm Radar report.
GitHub announced the general availability of security campaigns with Copilot Autofix to help security and developer teams rapidly reduce security debt across their entire codebase.
DX and Spotify announced a partnership to help engineering organizations achieve higher returns on investment and business impact from their Spotify Portal for Backstage implementation.
Appfire announced its launch of the Appfire Cloud Advantage Alliance.
Salt Security announced API integrations with the CrowdStrike Falcon® platform to enhance and accelerate API discovery, posture governance and threat protection.
Lucid Software has acquired airfocus, an AI-powered product management and roadmapping platform designed to help teams prioritize and build the right products faster.
StackGen has partnered with Google Cloud Platform (GCP) to bring its platform to the Google Cloud Marketplace.