Checkmarx announced a new generation in software supply chain security with its Secrets Detection and Repository Health solutions to minimize application risk.
Sysdig Partners with VulnDB
September 02, 2020
Sysdig announced the addition of VulnDB as a third-party vulnerability source.
VulnDB, from Risk Based Security, is a comprehensive, timely, and actionable source of vulnerability intelligence.
With this partnership, the Sysdig Secure DevOps Platform extends its image scanning capabilities to provide richer findings around vulnerabilities in third-party libraries and dependencies. Combined with the wide range of vulnerability databases the Sysdig platform checks against, the comprehensive data from VulnDB enables organizations to more effectively identify, track, and reduce security risk. To support this activity, Sysdig added a new VulnDB view to the Sysdig dashboards.
Image scanning is critical to the ‘shift-left’ approach for security and should be integrated into the build process to validate images added to the container registry, and during runtime to ensure new vulnerabilities, secrets, and license violations are not introduced during production. Image scanning is one of 10 workflows that span security, compliance, and monitoring that Sysdig provides to help organizations manage security risk and maximize availability. As Sysdig scans images, VulnDB provides Sysdig customers with increased vulnerability coverage and further strengthens reporting on vulnerabilities.
VulnDB provides more than 76,000 additional vulnerabilities not found in the publicly available Common Vulnerabilities and Exposures (CVE) database and provides the most comprehensive vulnerability database. The new VulnDB view in the Sysdig dashboards helps organizations to quickly identify vulnerabilities, recommend a fix, and speed remediation. For each vulnerability detected, developers can immediately see every package affected, along with the version impacted and the Common Vulnerability Scoring System (CVSS) score. The VulnDB and vendor scores help teams focus on high-risk issues and understand who is responsible for the fix.
“As organizations move to the cloud, they often rely too heavily on default vulnerability data, which isn’t enough for most organizations,” said Omer Azaria, VP of Engineering at Sysdig. “Partnering with VulnDB adds a valuable intelligence feed, enabling us to give Sysdig customers the most comprehensive aggregation of vulnerabilities and visibility to their risks. Addressing issues during the build process is fundamental to accelerating application delivery while managing risk.”
Current Sysdig customers have access to the VulnDB data and will find the new views in their dashboards today.
Industry News
January 08, 2025
SmartBear has appointed Dan Faulkner, the company’s Chief Product Officer, as Chief Executive Officer.
January 07, 2025
Horizon3.ai announced the release of NodeZero™ Kubernetes Pentesting, a new capability available to all NodeZero users.
January 06, 2025
Veracode acquired certain assets of Phylum, including its malicious package analysis, detection, and mitigation technology.
January 06, 2025
AppViewX announced the completion of its acquisition by Haveli Investments.
December 19, 2024
Check Point® Software Technologies Ltd. has been recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for Email Security Platforms (ESP).
December 19, 2024
Progress announced its partnership with the American Institute of CPAs (AICPA), the world’s largest member association representing the CPA profession.
December 18, 2024
Kurrent announced $12 million in funding, its rebrand from Event Store and the official launch of Kurrent Enterprise Edition, now commercially available.
December 18, 2024
Blitzy announced the launch of the Blitzy Platform, a category-defining agentic platform that accelerates software development for enterprises by autonomously batch building up to 80% of software applications.
December 17, 2024
Sonata Software launched IntellQA, a Harmoni.AI powered testing automation and acceleration platform designed to transform software delivery for global enterprises.
December 17, 2024
Sonar signed a definitive agreement to acquire Tidelift, a provider of software supply chain security solutions that help organizations manage the risk of open source software.
December 17, 2024
Kindo formally launched its channel partner program.
December 16, 2024
Red Hat announced the latest release of Red Hat Enterprise Linux AI (RHEL AI), Red Hat’s foundation model platform for more seamlessly developing, testing and running generative artificial intelligence (gen AI) models for enterprise applications.
December 16, 2024
Fastly announced the general availability of Fastly AI Accelerator.
