Security News
Tenable enhanced Terrascan, an open source cloud native security analyzer that helps developers secure Infrastructure as Code. "It's now more critical than ever for developers to have tools that can detect compliance and security violations across their entire cloud systems, including IaC," said Nico Popp, chief product officer, Tenable.
Dynatrace announced the findings from an independent global survey of 1,300 development and DevOps leaders, which revealed the primary challenges organizations are facing as they attempt to keep up with demand for digital innovation. The research highlighted that scaling DevOps and SRE practices is critical to accelerating the release of high-quality digital services.
Microsoft revoked insecure SSH keys some Azure DevOps have generated using a GitKraken git GUI client version impacted by an underlying issue found in one of its dependencies. The decision to revoke the keys was taken after GitKraken's developer Axosoft notified Microsoft on September 28 that a bug in the keypair library's pseudo-random number generator led to duplicate RSA keys being generated.
The last year was challenging for every business sector, and none more than healthcare which was under enormous pressure to provide care while changing the way many services are delivered. According to data from a Redgate Software report, the importance of IT in enabling and facilitating that change has been key to success for the healthcare sector, with DevOps adoption, cloud use and cross-platform database development all increasing markedly.
JFrog has accelerated its efforts to provide security offering to support DevOps users as they respond to the disruption in the market for continuous software delivery. As part of the JFrog Platform, Vdoo will accelerate JFrog's vision of becoming the company behind all software updates and creating a world of Liquid Software by expanding its end-to-end DevOps Platform offering, providing holistic security from the development environment all the way to edges, IoT and devices.
Aqua Security announces that Aqua Trivy is now the default scanner for GitLab Auto DevOps. "One of the primary reasons behind the default scanner change was the ease of use with Trivy compared to alternative open source scanner options," says Sam White, Sr. Product Manager at GitLab.
The company collaborated with 12 companies, including real estate market disruptor Compass, in private beta for six months to increase the speed of every continuous integration/continuous delivery process that runs on Bitrise. Bitrise selected a dozen of the world's most advanced mobile-first organizations to trial its second-generation platform before releasing it widely.
KubeSphere Community announced the general availability of KubeSphere 3.1.0. KubeSphere, as an app-centric distributed operating system running on top of Kubernetes, has further expanded its portfolio to deliver more robust experiences for users across the globe, enabling DevOps teams to run Kubernetes workloads where and when they want with ease and security.
You can only get rid of WAF if you fully implement security into your development process and audit the process via code reviews and annual tests. DevSecOps can't be realistically implemented for all web apps in the enterprise environment, so WAF will stick around because it still has a job to do.
Cycode, an Israeli startup focused on securing DevOps tools, today announced that it has raised $20 million in Series A funding, which brings the total capital raised by the company up to $25 million. Founded in 2019, the Tel Aviv-based Cycode aims to provide visibility into source code, as well as the necessary means to detect anomalies and respond to them.