Progress is offering over 50 enterprise-grade UI components from Progress® KendoReact™, a React UI library for business application development, for free.
GitHub Advanced Security Integrates Endor Labs Software Composition Analysis
February 10, 2025
Endor Labs announced a partnership with GitHub that makes it easier than ever for application security teams and developers to accurately identify and remediate the most serious security vulnerabilities—all without leaving GitHub.
In an environment where the number of Common Vulnerabilities and Exposures (CVEs) has spiked by 500% in just the past decade, the enhanced ease and precision enabled by the partnership will deliver major benefits to organizations.
“While a few supply chain attacks, like last year’s XZ Utils episode, get wide attention, they represent only a fraction of the overall threat landscape,” said Varun Badhwar, co-founder and CEO of Endor Labs. “The greatest risks instead come from unpatched vulnerabilities embedded in lesser-known open source dependencies. Effectively responding to all of those devours developer time and resources. Endor Labs technology makes it significantly easier to identify and prioritize the most serious threats, and developers can now derive those benefits while working within GitHub. We’re proud to enter into this partnership with GitHub, and we look forward to jointly delivering many more technology advances.”
Endor Labs and GitHub bring significant advantages to this partnership. Endor Labs’ SCA technology helps identify and prioritize dependency vulnerabilities by their potential impact, based on factors such as reachability, exploitability and more. For example, Endor Labs checks if the vulnerable function of a given dependency is actually reachable by a given application, or is just sitting in an unused corner of a transitive dependency. Similarly, GitHub Advanced Security (GHAS) – the developer-first application security suite that brings GitHub's world-class security capabilities to public and private repositories – integrates crucial security practices directly into the workflow, offering developers a streamlined way to secure their code. It enables code scanning, secret scanning, AI autofixes, and more.
Now, with Endor Labs SCA integrated into GitHub Advanced Security, development teams can dismiss up to 92% of low-risk dependency security alerts. That allows them to focus on the vulnerabilities that matter most, and the new capabilities they seek to deliver to users.
Just three months earlier, Microsoft – GitHub’s parent company, natively integrated the Endor Labs advanced SCA capabilities within Microsoft Defender for Cloud, a leading Cloud-Native Application Protection Platform (CNAPP) to empower organizations to consolidate their application security and cloud security programs into a single platform, securing cloud workloads and code seamlessly in one place. The partnership now allows organizations to deploy SCA and CNAPP solutions from a unified dashboard, achieving comprehensive security coverage from code to runtime.
Industry News
March 13, 2025
Opsera announced a new Leadership Dashboard capability within Opsera Unified Insights.
March 13, 2025
Cycloid announced the introduction of Components, a new management layer enabling a modular, structured approach to managing cloud resources within the Cycloid engineering platform.
March 12, 2025
ServiceNow unveiled the Yokohama platform release, including ServiceNow Studio which provides a unified workspace for rapid application development and governance.
March 12, 2025
Sonar announced the upcoming availability of SonarQube Advanced Security.
March 12, 2025
ScaleOut Software introduces generative AI and machine-learning (ML) powered enhancements to its ScaleOut Digital Twins™ cloud service and on-premises hosting platform with the release of Version 4.
March 11, 2025
Kurrent unveiled a developer-centric evolution of Kurrent Cloud that transforms how developers and dev teams build, deploy and scale event-native applications and services.
March 11, 2025
ArmorCode announced the launch of two new apps in the ServiceNow Store.
March 10, 2025
Parasoft(link is external) is accelerating the release of its C/C++test 2025.1 solution, following the just-published MISRA C:2025 coding standard.
March 10, 2025
GitHub is making GitHub Advanced Security (GHAS) more accessible for developers and teams of all sizes.
March 10, 2025
ArmorCode announced the enhanced ArmorCode Partner Program, highlighting its goal to achieve a 100 percent channel-first sales model.
March 06, 2025
Parasoft(link is external) is showcasing its latest product innovations at embedded world Exhibition, booth 4-318(link is external), including new GenAI integration with Microsoft Visual Studio Code (VS Code) to optimize test automation of safety-critical applications while reducing development time, cost, and risk.
March 06, 2025
JFrog announced general availability of its integration with NVIDIA NIM microservices, part of the NVIDIA AI Enterprise software platform.
March 06, 2025
CloudCasa by Catalogic announce an integration with SUSE® Rancher Prime via a new Rancher Prime Extension.
March 05, 2025
MacStadium(link is external) announced the extended availability of Orka(link is external) Cluster 3.2, establishing the market’s first enterprise-grade macOS virtualization solution available across multiple deployment options.
