Progress announced the speaker lineup for the MarkLogic World Tour US, taking place September 23-25, 2024, at the Bethesda Marriott in Maryland.
Terrascan Extends Policy as Code Support to Helm, Kustomize
November 17, 2020
Accurics announced that Terrascan, the open source static code analyzer that enables developers to build secure infrastructure as code (IaC), has been extended to support Helm and Kustomize, both projects from the Cloud Native Computing Foundation (CNCF) that have gained immense popularity.
This enables organizations to ensure applications on Kubernetes clusters are secure and compliant before they are deployed.
“Given the increasing scale and velocity of cloud breaches, organizations need policy guardrails to ensure that cloud native infrastructure is securely defined and managed,” said Cesar Rodriguez, creator of Terrascan and head of Developer Advocacy at Accurics. “Now, with the additional support for Helm and Kustomize, teams using Terrascan to programmatically establish Policy as Code guardrails in their high-velocity, component-based Kubernetes projects have a way to reduce security risks without impeding development. This will help drive innovation and broaden adoption of Kubernetes.”
For its part, Helm is a package manager that offers an easy way to find, share and use software built for Kubernetes. It is currently used by a variety of organizations, including AT&T, Bitnami, CERN, Conde Nast, Microsoft and VMWare. Since its inception, there have been more than 13,000 contributions representing over 1,500 companies. Kustomize, meanwhile, is a standalone tool used to customize Kubernetes objects. The two projects are regularly downloaded millions of times a month.
The rapid adoption of IaC enables organizations to codify policy checks early in the development lifecycle with Policy as Code (PaC). Terrascan, which is maintained by Accurics, is used by thousands of developers to implement PaC using a library of 500+ out-of-the-box policies to scan IaC against common policy standards such as the CIS Benchmark, and govern Terraform and Kubernetes during development, greatly enhancing their value. It helps spot issues such as server-side encryption misconfigurations, security groups left open for public browsing, and access logs not enabled on resources that support them. Extending these benefits to the Helm and Kustomize user base greatly expands the universe of potential advantages.
Governing risk in the diverse cloud native ecosystem has traditionally required numerous tools and policy sets. With enhanced support for the Kubernetes ecosystem and an open architecture based on the Open Policy Agent (OPA), Terrascan enables enterprises to protect these technologies with a single tool and consistent policies.
Industry News
September 19, 2024
September 19, 2024
Citrix announced the general availability of Citrix VDA for macOS, expanding their desktop virtualization solutions, and MacStadium support this launch with its industry-leading IaaS offering, optimized for Citrix VDA for macOS deployments in the cloud.
September 19, 2024
Elastic announced the Elasticsearch Open Inference API now supports Hugging Face models with native chunking through the integration of the semantic_text field.
September 19, 2024
Codecov by Sentry, a dedicated code coverage reporting solution, announced Bundle Analysis and Test Analytics, two new solutions designed to accelerate workflows and arm developers with actionable insights to create a seamless development experience.
September 19, 2024
NightVision released API eNVy, an Application Programming Interface (API) solution that enables organizations to discover and document APIs in seconds.
September 19, 2024
Kong announced the global expansion of its Kong Konnect Dedicated Cloud Gateways.
September 18, 2024
MacStadium announced the General Availability of Orka Desktop 3.0, a powerful, user-friendly tool that allows developers, testers, and macOS admins to create, test, and manage macOS virtual machines (VMs) on local Apple silicon-based computers.
September 18, 2024
Komodor announced Klaudia, a Generative AI (GenAI) agent for troubleshooting and remediating operational issues, as well as optimizing Kubernetes environments.
September 18, 2024
Inflectra announced the launch of Rapise v8, a test automation solution that uses the power of Generative AI to deliver true autonomous testing.
September 17, 2024
Check Point® Software Technologies Ltd. has been recognized as one of theWorld’s Best Companies of 2024 by TIME and Statista.
Check Point made its debut on the list due to its strong employee satisfaction, revenue growth, and ESG efforts.
September 17, 2024
Oracle announced the availability of Java 23, the latest version of the programming language and development platform.
September 17, 2024
JFrog announced a new product integration with NVIDIA NIM microservices, part of the NVIDIA AI Enterprise software platform.
September 17, 2024
Tigera announced several new features for Calico Cloud and Calico Enterprise to improve the efficiency of remediating vulnerabilities in container images, and ensure compatibility with the latest deployment options for OpenShift.
September 17, 2024
Gearset announced the acquisition of Clayton, a code analysis platform designed specifically for Salesforce.
September 16, 2024
Docker is introducing a new way for developers and organizations to access its suite of products – including Docker Desktop, Docker Hub, Docker Trusted Content, Docker Scout, Docker Build Cloud, and Testcontainers Cloud.
