IBM has completed its acquisition of HashiCorp, whose products automate and secure the infrastructure that underpins hybrid cloud applications and generative AI.
Data Theorem announced the launch of Code Secure, the latest evolution in application security designed to protect the software supply chain from code to deployment.
Code Secure integrates Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Supply Chain Security capabilities—including Software Bill of Materials (SBOM) management—into a comprehensive product offering.
This solution offers application security teams dynamically verified insights into vulnerabilities, open-source dependencies, and the overall software composition, encompassing both first and third-party components. By automating the analysis of security issues across the entire codebase, Code Secure minimizes the manual effort involved in sifting through vast amounts of data. It empowers teams to prioritize the most critical vulnerabilities, enabling faster remediation and strengthening security earlier in the development lifecycle. This proactive approach significantly reduces the risk of breaches, while ensuring continuous compliance with industry standards, providing peace of mind as applications scale in complexity.
Code Secure's Full Stack Security analysis offers advantages by providing visibility across all layers of an application's architecture—from code, APIs, and open-source libraries to cloud environments and third-party components. By connecting these elements in a single, cohesive view, Code Secure enables security teams to not only identify vulnerabilities in isolation but to understand how they interrelate and impact the overall security posture. This full-stack visibility allows teams to address root causes more effectively, improving the accuracy of risk assessments and enhancing their ability to defend against evolving attack vectors. Ultimately, this helps organizations maintain a stronger, more resilient security posture, even as applications evolve through development, deployment, and scaling.
"Data Theorem is committed to leading the market in application and API security innovation," said Doug Dooley, COO at Data Theorem. "With Code Secure, we've built on the foundation of our Supply Chain Secure product to offer an integrated approach that helps security and DevOps teams confidently secure their software. By consolidating SAST, SCA, and SBOM management with real-time verification and attack path visualization, Code Secure delivers unparalleled protection for organizations. This new, integrated code security offering delivers significant cost savings and simplicity for customers seeking to eliminate complexity and alert fatigue often associated with their legacy SAST and SCA scanning tools."
Key Differentiators of Code Secure Include:
- Tool Consolidation: Code Secure integrates SAST, SCA, Supply Chain, and SBOM management, reducing the need for multiple, overlapping tools.
- Dynamic Verification: DAST (Dynamic Application Security Testing) verification of code findings for APIs and applications ensures more accurate identification of vulnerabilities.
- Attack Path Visualization: Code-level violations are incorporated into attack path visualizations, providing security teams with a clearer understanding of potential exploit pathways.
Code Secure is available now.
Industry News
Veeam® Software announces Veeam Kasten for Kubernetes v7.5, designed to deliver Kubernetes-native data resilience for enterprises.
DeepSource released Globstar, an open-source project bringing code security tooling to the AppSec community, with no restrictions on commercial usage.
Google Cloud announced the public preview of Gemini Code Assist for individuals, a free version of Gemini Code Assist that will give students an easy-to-use free AI coding assistant with the highest usage limits available
BrowserStack announced the launch of its comprehensive Test Platform, designed to revolutionize how engineering teams approach software testing in an AI-driven world.
Snyk announced the launch of the Snyk Secure Developer Program, a new initiative designed to empower open source software maintainers with developer-friendly security solutions.
Red Hat announced the general availability of Red Hat OpenShift 4.18, the latest version of the hybrid cloud application platform powered by Kubernetes.
Akamai Technologies announced a Managed Container Service designed for companies that want to deliver better experiences by running workloads closer to users, devices, and sources of data.
Couchbase announced that its Capella AI Model Services have integrated NVIDIA NIM microservices, part of the NVIDIA AI Enterprise software platform, to streamline deployment of AI-powered applications, providing enterprises a powerful solution for privately running generative (GenAI) models.
GitLab announced the general availability of GitLab Duo Self-Hosted.
Tigera announced the introduction of several new innovations to Calico, including a new Ingress Gateway capability for Calico Cloud and Calico Enterprise, and the launch of Calico Dashboards.
Copado introduced three AI-powered DevOps apps for Slack.
Gearset announced that it now supports Salesforce's Agentforce.
Sonar announced the acquisition of AutoCodeRover, an autonomous AI agent platform for software development.
Faros AI announced a collaboration with Microsoft to deliver its AI-powered platform for optimizing engineering workflows on Azure.