Progress announced new powerful capabilities and enhancements in the latest release of Progress® Sitefinity®.
Data Theorem announced the launch of Code Secure, the latest evolution in application security designed to protect the software supply chain from code to deployment.
Code Secure integrates Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Supply Chain Security capabilities—including Software Bill of Materials (SBOM) management—into a comprehensive product offering.
This solution offers application security teams dynamically verified insights into vulnerabilities, open-source dependencies, and the overall software composition, encompassing both first and third-party components. By automating the analysis of security issues across the entire codebase, Code Secure minimizes the manual effort involved in sifting through vast amounts of data. It empowers teams to prioritize the most critical vulnerabilities, enabling faster remediation and strengthening security earlier in the development lifecycle. This proactive approach significantly reduces the risk of breaches, while ensuring continuous compliance with industry standards, providing peace of mind as applications scale in complexity.
Code Secure's Full Stack Security analysis offers advantages by providing visibility across all layers of an application's architecture—from code, APIs, and open-source libraries to cloud environments and third-party components. By connecting these elements in a single, cohesive view, Code Secure enables security teams to not only identify vulnerabilities in isolation but to understand how they interrelate and impact the overall security posture. This full-stack visibility allows teams to address root causes more effectively, improving the accuracy of risk assessments and enhancing their ability to defend against evolving attack vectors. Ultimately, this helps organizations maintain a stronger, more resilient security posture, even as applications evolve through development, deployment, and scaling.
"Data Theorem is committed to leading the market in application and API security innovation," said Doug Dooley, COO at Data Theorem. "With Code Secure, we've built on the foundation of our Supply Chain Secure product to offer an integrated approach that helps security and DevOps teams confidently secure their software. By consolidating SAST, SCA, and SBOM management with real-time verification and attack path visualization, Code Secure delivers unparalleled protection for organizations. This new, integrated code security offering delivers significant cost savings and simplicity for customers seeking to eliminate complexity and alert fatigue often associated with their legacy SAST and SCA scanning tools."
Key Differentiators of Code Secure Include:
- Tool Consolidation: Code Secure integrates SAST, SCA, Supply Chain, and SBOM management, reducing the need for multiple, overlapping tools.
- Dynamic Verification: DAST (Dynamic Application Security Testing) verification of code findings for APIs and applications ensures more accurate identification of vulnerabilities.
- Attack Path Visualization: Code-level violations are incorporated into attack path visualizations, providing security teams with a clearer understanding of potential exploit pathways.
Code Secure is available now.
Industry News
Red Hat announced the general availability of Red Hat Enterprise Linux 9.5, the latest version of the enterprise Linux platform.
Securiti announced a new solution - Security for AI Copilots in SaaS apps.
Spectro Cloud completed a $75 million Series C funding round led by Growth Equity at Goldman Sachs Alternatives with participation from existing Spectro Cloud investors.
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, has announced significant momentum around cloud native training and certifications with the addition of three new project-centric certifications and a series of new Platform Engineering-specific certifications:
Red Hat announced the latest version of Red Hat OpenShift AI, its artificial intelligence (AI) and machine learning (ML) platform built on Red Hat OpenShift that enables enterprises to create and deliver AI-enabled applications at scale across the hybrid cloud.
Salesforce announced agentic lifecycle management tools to automate Agentforce testing, prototype agents in secure Sandbox environments, and transparently manage usage at scale.
OpenText™ unveiled Cloud Editions (CE) 24.4, presenting a suite of transformative advancements in Business Cloud, AI, and Technology to empower the future of AI-driven knowledge work.
Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade developer portal based on the Backstage project.
Pegasystems announced the availability of new AI-driven legacy discovery capabilities in Pega GenAI Blueprint™ to accelerate the daunting task of modernizing legacy systems that hold organizations back.
Tricentis launched enhanced cloud capabilities for its flagship solution, Tricentis Tosca, bringing enterprise-ready end-to-end test automation to the cloud.
Rafay Systems announced new platform advancements that help enterprises and GPU cloud providers deliver developer-friendly consumption workflows for GPU infrastructure.
Apiiro introduced Code-to-Runtime, a new capability using Apiiro’s deep code analysis (DCA) technology to map software architecture and trace all types of software components including APIs, open source software (OSS), and containers to code owners while enriching it with business impact.
Zesty announced the launch of Kompass, its automated Kubernetes optimization platform.
MacStadium announced the launch of Orka Engine, the latest addition to its Orka product line.