Check Point® Software Technologies Ltd. announced the new Check Point Quantum Firewall Software R82 (R82) and additional innovations for the Infinity Platform.
Sysdig and Docker announced the integration of Sysdig runtime insights into Docker Scout to help developers prioritize risk and move faster.
Docker and Sysdig will help customers reduce software supply chain noise, prioritize the insights that matter, and build leaner container images. Sysdig is the first runtime security integration into Docker Scout.
By leveraging real-time insights from production – such as in-use vulnerabilities, multidomain correlation, and in-use permissions – the Sysdig cloud-native application protection platform (CNAPP) connects the dots and identifies top risks across the software life cycle.
Docker Scout provides developers with actionable insights across the software supply chain via context-aware recommendations that result in improved application reliability and security. With this partnership, built on a shared open source heritage and commitment to cloud-native innovation, Sysdig and Docker add additional layers of runtime security that bring better visibility while empowering development and security teams to target real, imminent risk.
Benefits of Sysdig Runtime Insights Integration with Docker Scout
- Ship more secure images: Developers can compare images during the build phase with those running in production to easily identify risk, eliminate unnecessary packages, and build leaner container images with a smaller attack surface. Integration with the Docker Build and Push GitHub Action provide insight directly within GitHub to avoid committing risky images.
- Avoid shift-left security gaps: Shift-left security empowers teams to make better-informed decisions earlier in the development process. With Docker and Sysdig, it is possible to correlate image analysis with runtime context to generate actionable insights for securing the software supply chain.
- Accelerate cloud-native application delivery: Software validation processes are faster when informed by Sysdig runtime insights. By quickly identifying imminent risks that require immediate remediation, developers can focus on innovation and deliver cloud-native applications faster.
- Reduce monitoring noise: Joint customers can reduce monitoring noise by up to 95%, separating which vulnerabilities are in use and which are not. This helps security teams focus on what is most important and saves time for developers.
“Organizations need to strengthen security across the entire software life cycle. With Docker Scout, Docker is giving developers the power to build more secure images from the start. Incorporating Sysdig runtime insights means that users can save time by focusing on the real risks exposed in production. Our partnership will help teams to both shift left and shield right to protect against breaches without slowing innovation,” said Bryan Smoltz, Vice President of Technology Alliances at Sysdig.
“Docker Scout proactively provides actionable insights across the secure software supply chain,” said Julien Faure, General Manager for Software Supply Chain at Docker. “With the Sysdig integration, we’re able to cut through the noise using runtime context. Knowing which packages are in use allows developers to prioritize what matters and deliver secure software faster.”
Industry News
Sonatype and OpenText are partnering to offer a single integrated solution that combines open-source and custom code security, making finding and fixing vulnerabilities faster than ever.
Red Hat announced an extended collaboration with Microsoft to streamline and scale artificial intelligence (AI) and generative AI (gen AI) deployments in the cloud.
Endor Labs announced that Microsoft has natively integrated its advanced SCA capabilities within Microsoft Defender for Cloud, a Cloud-Native Application Protection Platform (CNAPP).
Progress announced new powerful capabilities and enhancements in the latest release of Progress® Sitefinity®.
Red Hat announced the general availability of Red Hat Enterprise Linux 9.5, the latest version of the enterprise Linux platform.
Securiti announced a new solution - Security for AI Copilots in SaaS apps.
Spectro Cloud completed a $75 million Series C funding round led by Growth Equity at Goldman Sachs Alternatives with participation from existing Spectro Cloud investors.
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, has announced significant momentum around cloud native training and certifications with the addition of three new project-centric certifications and a series of new Platform Engineering-specific certifications:
Red Hat announced the latest version of Red Hat OpenShift AI, its artificial intelligence (AI) and machine learning (ML) platform built on Red Hat OpenShift that enables enterprises to create and deliver AI-enabled applications at scale across the hybrid cloud.
Salesforce announced agentic lifecycle management tools to automate Agentforce testing, prototype agents in secure Sandbox environments, and transparently manage usage at scale.
OpenText™ unveiled Cloud Editions (CE) 24.4, presenting a suite of transformative advancements in Business Cloud, AI, and Technology to empower the future of AI-driven knowledge work.
Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade developer portal based on the Backstage project.
Pegasystems announced the availability of new AI-driven legacy discovery capabilities in Pega GenAI Blueprint™ to accelerate the daunting task of modernizing legacy systems that hold organizations back.
Tricentis launched enhanced cloud capabilities for its flagship solution, Tricentis Tosca, bringing enterprise-ready end-to-end test automation to the cloud.