Veracode Introduces New GitHub Action
October 05, 2020

Veracode announced a new GitHub Action to provide developers with an easy and familiar way to ensure that the code they are writing is secure – as they write it. The action enables developers to perform Veracode’s Static Policy Scan workflow, initiate a pipeline scan, and consume pipeline scan results all within GitHub’s code scanning UI.

GitHub Actions CI/CD helps developers improve time to market by allowing them to build, test and deploy code directly from within GitHub. Developers can invoke Veracode’s Static Analysis (SAST) scans from GitHub Actions, significantly expanding the security testing capabilities for developers leveraging GitHub workflows, and allowing them to build security directly into their DevOps processes and scale development across the team.

John Leon, VP of Business Development at GitHub, said, “Veracode understands the importance of shifting left in the development lifecycle to enable teams to find and fix flaws at scale. With software development moving at breakneck speed, this new GitHub Action further enables our joint customers to develop secure software, without compromising speed or quality – all within a familiar interface.”

Veracode’s Static Analysis solution enables DevSecOps by providing fast, automated and actionable security feedback to developers in their pipeline, when they compile their code or when they check in their code, and by conducting a full policy scan before deployment. With the new GitHub Action, developers can control Veracode scans as they write code within the GitHub environment and get clear guidance on how to remediate issues. Scan results are converted into GitHub code scanning alerts. When code is ready for deployment, developers can conduct the Veracode Policy Scan for a full assessment of the code, with an audit trail for compliance that can be previewed before triggering alerts. Veracode results have high accuracy without manual tuning as a result of the intelligence of Veracode’s SaaS platform, which has scanned more than 21 trillion lines of code to date.

Ian McLeod, Chief Product Officer at Veracode, said, “Secure development at scale is only possible if developers assume ownership of ensuring that the code they are writing is secure from the start. It’s therefore critical that we provide tools and integrations that simplify the job for the developer and make the capabilities available in the tools they use every day. Our new GitHub Action provides a seamless experience that saves developers time, while giving them the confidence that the code they’re writing is secure.”

Veracode tools are available as GitHub Actions in the GitHub Marketplace.
