Progress announced the launch of Progress Data Cloud, a managed Data Platform as a Service designed to simplify enterprise data and artificial intelligence (AI) operations in the cloud.
Accurics Releases Open Source Terrascan Upgrade
August 17, 2020
Accurics unveiled a major upgrade to Terrascan, the open source static code analyzer that enables developers to build secure infrastructure as code (IaC).
The new release ensures Terraform templates avoid common security pitfalls in popular cloud providers such as AWS, Azure, and Google Cloud Platform. Built-in extensibility will enable support for other popular technologies such as AWS CloudFormation, Kubernetes, service mesh and serverless.
The new Terrascan architecture leverages the Open Policy Agent (OPA) engine from CNCF, which dramatically simplifies policy definition for developers that want to create custom policies as well as provides over 500 out-of-the-box policies for the CIS Benchmark.
“The rapid adoption of Infrastructure as Code is clearly meeting its intended goal: to help organizations achieve more reliability by programmatically embedding policy checks earlier in the development lifecycle,” said Cesar Rodriguez, head of Developer Advocacy at Accurics. “This is vital in an environment where the scale and velocity of cloud breaches is constantly increasing, and organizations are required to implement policy guardrails to ensure that cloud native infrastructure is securely defined and managed. Terrascan is already playing a key role in this process within many organizations, and the newest iteration takes these important capabilities much further.”
Terrascan is now available as a GitHub Action and is included in the popular Super-Linter GitHub Action. It can be installed as a pre-commit hook to help detect issues before code is pushed into your repository, and also integrated into the CI/CD pipeline.
Terrascan enhances the value of IaC used by organizations to define and manage cloud infrastructure. It emerged from a search for a scalable way to ensure that cloud infrastructure was configured in adherence with security best practices. Terrascan has already been downloaded by hundreds of developers to programmatically scan Terraform code (IaC) during development in order to track policy violations. It helps identify issues such as:
- Missing or misconfigured encryption on resources and communication
- Security Groups left open to the internet
- Inadvertent exposure of cloud services
- Insufficient logging for audit and compliance
Industry News
January 23, 2025
January 23, 2025
Sonar announced the release of its latest Long-Term Active (LTA) version, SonarQube Server 2025 Release 1 (2025.1).
January 23, 2025
Idera announced the launch of Sembi, a multi-brand entity created to unify its premier software quality and security solutions under a single umbrella.
January 22, 2025
Postman announced the Postman AI Agent Builder, a suite empowering developers to quickly design, test, and deploy intelligent agents by combining LLMs, APIs, and workflows into a unified solution.
January 22, 2025
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the graduation of CubeFS.
January 21, 2025
BrowserStack and Bitrise announced a strategic partnership to revolutionize mobile app quality assurance.
January 16, 2025
Mendix, a Siemens business, announced the general availability of Mendix 10.18.
January 16, 2025
Red Hat announced the general availability of Red Hat OpenShift Virtualization Engine, a new edition of Red Hat OpenShift that provides a dedicated way for organizations to access the proven virtualization functionality already available within Red Hat OpenShift.
January 16, 2025
Contrast Security announced the release of Application Vulnerability Monitoring (AVM), a new capability of Application Detection and Response (ADR).
January 15, 2025
Red Hat announced the general availability of Red Hat Connectivity Link, a hybrid multicloud application connectivity solution that provides a modern approach to connecting disparate applications and infrastructure.
January 15, 2025
Appfire announced 7pace Timetracker for Jira is live in the Atlassian Marketplace.
January 14, 2025
SmartBear announced the availability of SmartBear API Hub featuring HaloAI, an advanced AI-driven capability being introduced across SmartBear's product portfolio, and SmartBear Insight Hub.
January 14, 2025
Azul announced that the integrated risk management practices for its OpenJDK solutions fully support the stability, resilience and integrity requirements in meeting the European Union’s Digital Operational Resilience Act (DORA) provisions.
January 14, 2025
OpsVerse announced a significantly enhanced DevOps copilot, Aiden 2.0.
