StackGen has partnered with Google Cloud Platform (GCP) to bring its platform to the Google Cloud Marketplace.
StepSecurity announced the launch of its GitHub Actions Security Platform to counter escalating cyber threats targeting CI/CD environments.
StepSecurity Platform offers GitHub Actions Security to protect against SolarWinds & Codecov-style CI/CD attacks
StepSecurity's platform targets GitHub Actions, a popular CI/CD provider among open-source projects and enterprises. Recognizing the platform's extensive adoption, StepSecurity has focused on fortifying security for users of GitHub Actions while also planning to expand its security platform to more CI/CD providers.
The StepSecurity Platform offers GitHub Actions Runtime Security to protect against SolarWinds & Codecov-style CI/CD attacks in GitHub-Hosted and Actions Runner Controller (ARC) environments. Once you deploy StepSecurity, it creates a secure-by-default CI/CD Environment. You get visibility into the network and file events associated with each step of your GitHub Actions workflow runs. You can further secure your environment by enforcing runtime security policies. For ARC environments, no code changes are needed to enable security observability and network traffic filtering.
Varun Sharma, CEO and Co-Founder of StepSecurity stated, "At StepSecurity, our approach to countering CI/CD attacks is rooted in comprehensive research and novel strategies. We have developed a solution based on first principles rather than merely applying outdated security approaches to this new, evolving problem."
The platform is free for open-source projects, with a paid subscription for private repositories.
Industry News
Tricentis announced its spring release of new cloud capabilities for the company’s AI-powered, model-based test automation solution, Tricentis Tosca.
Lucid Software has acquired airfocus, an AI-powered product management and roadmapping platform designed to help teams prioritize and build the right products faster.
AutonomyAI announced its launch from stealth with $4 million in pre-seed funding.
Kong announced the launch of the latest version of Kong AI Gateway, which introduces new features to provide the AI security and governance guardrails needed to make GenAI and Agentic AI production-ready.
Traefik Labs announced significant enhancements to its AI Gateway platform along with new developer tools designed to streamline enterprise AI adoption and API development.
Zencoder released its next-generation AI coding and unit testing agents, designed to accelerate software development for professional engineers.
Windsurf (formerly Codeium) and Netlify announced a new technology partnership that brings seamless, one-click deployment directly into the developer's integrated development environment (IDE.)
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, is making significant updates to its certification offerings.
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the Golden Kubestronaut program, a distinguished recognition for professionals who have demonstrated the highest level of expertise in Kubernetes, cloud native technologies, and Linux administration.
Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade internal developer portal based on the Backstage project.
Platform9 announced that Private Cloud Director Community Edition is generally available.
Sonatype expanded support for software development in Rust via the Cargo registry to the entire Sonatype product suite.
CloudBolt Software announced its acquisition of StormForge, a provider of machine learning-powered Kubernetes resource optimization.