GitLab announced the general availability of GitLab Duo with Amazon Q.
Aricent launched its Highly Automated Vulnerability Assessment Orchestration Containers (HAVOC) framework that manages cyber risk by catching significant security vulnerabilities before they are exploited.
Companies are under pressure to launch products and services faster without exposing themselves to cyber risk. However, shorter time to market lifecycles and latent vulnerabilities raises the likelihood of more successful denial of service attacks and data breaches. Aricent’s HAVOC solution addresses the need to understand the nature of vulnerability risk through a combination of precision coverage, superior probability and statistics, and speed of decision making.
According to researchers, the costs of ransomware in 2015 was $325m and rose to $5bn in 2017. In the next five years, the cost could reach $8 trillion. Conventional security management of products is based upon monolithic risk models with infrequent pre-release tests and random post-deployment assessments. These methods are unable to keep up with the advancing threat levels to product security and are not evolved to accommodate the speed and rigor of Agile or DevOps processes.
While latent software defects will always exist, the challenge is remediating vulnerabilities that can be readily exploited. Through a high-performance graph database, the tool reduces the time to prioritize and correlate thousands of findings that can span software source code, run-times, protocols stack, application interfaces and cloud-native implementations. HAVOC increases speed, verification and frequency of build, test and deployments lifecycles. This results in safer, more secure applications and safeguards businesses from legal, business and economic problems.
Industry News
Perforce Software and Liquibase announced a strategic partnership to enhance secure and compliant database change management for DevOps teams.
Spacelift announced the launch of Saturnhead AI — an enterprise-grade AI assistant that slashes DevOps troubleshooting time by transforming complex infrastructure logs into clear, actionable explanations.
CodeSecure and FOSSA announced a strategic partnership and native product integration that enables organizations to eliminate security blindspots associated with both third party and open source code.
Bauplan, a Python-first serverless data platform that transforms complex infrastructure processes into a few lines of code over data lakes, announced its launch with $7.5 million in seed funding.
Perforce Software announced the launch of the Kafka Service Bundle, a new offering that provides enterprises with managed open source Apache Kafka at a fraction of the cost of traditional managed providers.
LambdaTest announced the launch of the HyperExecute MCP Server, an enhancement to its AI-native test orchestration platform, HyperExecute.
Cloudflare announced Workers VPC and Workers VPC Private Link, new solutions that enable developers to build secure, global cross-cloud applications on Cloudflare Workers.
Nutrient announced a significant expansion of its cloud-based services, as well as a series of updates to its SDK products, aimed at enhancing the developer experience by allowing developers to build, scale, and innovate with less friction.
Check Point® Software Technologies Ltd.(link is external) announced that its Infinity Platform has been named the top-ranked AI-powered cyber security platform in the 2025 Miercom Assessment.
Orca Security announced the Orca Bitbucket App, a cloud-native seamless integration for scanning Bitbucket Repositories.
The Live API for Gemini models is now in Preview, enabling developers to start building and testing more robust, scalable applications with significantly higher rate limits.
Backslash Security(link is external) announced significant adoption of the Backslash App Graph, the industry’s first dynamic digital twin for application code.
SmartBear launched API Hub for Test, a new capability within the company’s API Hub, powered by Swagger.
Akamai Technologies introduced App & API Protector Hybrid.