Progress announced the launch of Progress Data Cloud, a managed Data Platform as a Service designed to simplify enterprise data and artificial intelligence (AI) operations in the cloud.
Red Hat announced Red Hat Trusted Software Supply Chain, a solution that enhances resilience to software supply chain vulnerabilities.
As part of this solution, two new cloud services, Red Hat Trusted Application Pipeline and Red Hat Trusted Content, are joining in preview mode the existing Red Hat software and cloud services, including Quay and Advanced Cluster Security (ACS), to advance the successful adoption of DevSecOps practices, and embed security into the software development lifecycle.
With Red Hat Trusted Software Supply Chain, customers can more quickly and efficiently code, build and monitor their software using proven platforms, trusted content and real-time security scanning and remediation. The solution builds on Red Hat’s 30+ years of customer and industry trust, earned by consistently delivering hardened open source solutions that make it easier for enterprises to accelerate hybrid cloud adoption while still retaining an effective IT security posture.
The software and services delivered as part of Red Hat Trusted Software Supply Chain enhance an organization’s resilience to vulnerabilities across the modern software development lifecycle. Red Hat Trusted Content builds on a foundation of security-enhanced systems software, with thousands of trusted packages in Red Hat Enterprise Linux alone and a catalog of critical application runtimes across Java, Node, and Python ecosystems. The service provides customers with enterprise-hardened trusted content and knowledge about the open-source packages in customer applications.
The basis for Red Hat Trusted Application Pipeline comes from Red Hat’s work in the creation, launch and maintenance of sigstore, which provides a freely-available standard for cloud-native secure signing, as well as providing critical pieces of shared security infrastructure to many upstream communities. Trusted Application Pipeline offers a security-forward Continuous Integration/Continuous Delivery (CI/CD) service that simplifies the adoption of the processes, technologies and expertise that Red Hat uses to build production software.
Available as a service preview in the coming weeks, Red Hat Trusted Content will provide developers with real-time knowledge of known vulnerabilities and security risks within their open source software dependencies. The service will also suggest available remediations to minimize risks, helping to reduce development time and cost. Red Hat Trusted Content provides access to Red Hat-built and -curated open source software content, with provenance and attestation, using Red Hat's internal best practices. Once an application is in production, the service proactively monitors and alerts users of known new and emerging risks in their open source dependencies, allowing for quicker remediation of emerging threats.
Red Hat Trusted Application Pipeline, available as a service preview now, helps customers enhance the security of application software supply chains with an integrated CI/CD pipeline. Applications can be more effectively built and more easily integrated into Linux containers and then deployed onto Red Hat OpenShift or other Kubernetes platforms with just a few clicks.
With Red Hat Trusted Application Pipeline, Red Hat customers can:
- Import git repositories and configure container-native continuous build, test, and deployment pipelines via a cloud service in just a few steps;
- Inspect source code and transitive dependencies;
- Auto-generate Software Bills of Materials (SBOM) within builds; and
- Verify and promote container images via a release criteria policy engine that helps confirm consistency with industry frameworks like Supply chain Levels for Software Artifacts (SLSA).
Industry News
Sonar announced the release of its latest Long-Term Active (LTA) version, SonarQube Server 2025 Release 1 (2025.1).
Idera announced the launch of Sembi, a multi-brand entity created to unify its premier software quality and security solutions under a single umbrella.
Postman announced the Postman AI Agent Builder, a suite empowering developers to quickly design, test, and deploy intelligent agents by combining LLMs, APIs, and workflows into a unified solution.
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the graduation of CubeFS.
BrowserStack and Bitrise announced a strategic partnership to revolutionize mobile app quality assurance.
Mendix, a Siemens business, announced the general availability of Mendix 10.18.
Red Hat announced the general availability of Red Hat OpenShift Virtualization Engine, a new edition of Red Hat OpenShift that provides a dedicated way for organizations to access the proven virtualization functionality already available within Red Hat OpenShift.
Contrast Security announced the release of Application Vulnerability Monitoring (AVM), a new capability of Application Detection and Response (ADR).
Red Hat announced the general availability of Red Hat Connectivity Link, a hybrid multicloud application connectivity solution that provides a modern approach to connecting disparate applications and infrastructure.
Appfire announced 7pace Timetracker for Jira is live in the Atlassian Marketplace.
SmartBear announced the availability of SmartBear API Hub featuring HaloAI, an advanced AI-driven capability being introduced across SmartBear's product portfolio, and SmartBear Insight Hub.
Azul announced that the integrated risk management practices for its OpenJDK solutions fully support the stability, resilience and integrity requirements in meeting the European Union’s Digital Operational Resilience Act (DORA) provisions.
OpsVerse announced a significantly enhanced DevOps copilot, Aiden 2.0.