Broadcom announced the general availability of VMware Tanzu Platform 10 that establishes a new layer of abstraction across Cloud Foundry infrastructure foundations to make it easier, faster, and less expensive to bring new applications, including GenAI applications, to production.
ShiftLeft announced general availability of ShiftLeft Educate, a solution that delivers highly-effective security training for developers within the developer workflow.
Designed in partnership with Application Security Training platform Kontra, ShiftLeft Educate provides consistent and contextual training for developers of different skill levels, enabling them to quickly learn security best practices and fixes for issues currently in their code.
“Discovering vulnerabilities in code is the first step in reducing risk, and remediation needs to be performed by skilled developers. Yet teams are too often left to self-source fix information. Contending with a patchwork of sources that are not always reliable as well as different remediation methods for the same issue, teams can be left with ineffective fixes and confusion across each other's code,” said Manish Gupta, CEO, ShiftLeft. “The security training we’ve created with ShiftLeft Educate clearly presents vulnerabilities and solutions at the developer’s fingertips while still being suited to different learning styles, making it exceptionally efficient and effective.”
ShiftLeft Educate is integrated directly into ShiftLeft CORE code security platform. When a vulnerability is discovered in ShiftLeft’s analysis, ShiftLeft Educate delivers bite-sized security training without requiring developers to seek out external resources to learn about the vulnerability. Educate also recognizes vulnerabilities identified by ShiftLeft CORE and provides comprehensive and reliable remediation guidance specific to the programming language and vulnerability category.
Additional key features of ShiftLeft Educate include:
- Analysis that shows the full data path of the vulnerability through the developer’s code
- Select training resources appropriate to language and vulnerability type based on CWE and OWASP category
- Interactive videos, real world examples and mitigation information provided by Kontra, along with multiple angles on vulnerabilities – showing paths from the attacker’s view and developer’s view
- A paid version enabling customers to roll out, assign, and track completion of application security training for each developer in the organization
Industry News
Tricentis announced the expansion of its test management and analytics platform, Tricentis qTest, with the launch of Tricentis qTest Copilot.
Redgate is introducing two new machine learning (ML) and artificial intelligence (AI) powered capabilities in its test data management and database monitoring solutions.
Upbound announced significant advancements to its platform, targeting enterprises building self-service cloud environments for their developers and machine learning engineers.
Edera announced the availability of Am I Isolated, an open source container security benchmark that probes users runtime environments and tests for container isolation.
Progress announced 10 years of partnership with emt Distribution — a leading cybersecurity distributor in the Middle East and Africa.
Port announced $35 million in Series B funding, bringing its total funding to $58M to date.
Parasoft has made another step in strategically integrating AI and ML quality enhancements where development teams need them most, such as using natural language for troubleshooting or checking code in real time.
MuleSoft announced the general availability of full lifecycle AsyncAPI support, enabling organizations to power AI agents with real-time data through seamless integration with event-driven architectures (EDAs).
Numecent announced they have expanded their Microsoft collaboration with the launch of Cloudpager's new integration to App attach in Azure Virtual Desktop.
Progress announced the completion of the acquisition of ShareFile, a business unit of Cloud Software Group, providing a SaaS-native, AI-powered, document-centric collaboration platform, focusing on industry segments including business and professional services, financial services, industrial and healthcare.
Incredibuild announced the acquisition of Garden, a provider of DevOps pipeline acceleration solutions.
The Open Source Security Foundation (OpenSSF) announced an expansion of its free course “Developing Secure Software” (LFD121).
Redgate announced that its core solutions are listed in Amazon Web Services (AWS) Marketplace.
LambdaTest introduced a suite of new features to its AI-powered Test Manager, designed to simplify and enhance the test management experience for software development and QA teams.