Security News

GrammaTech CodeSonar extends DevSecOps to embedded software development
2021-08-19 02:30

GrammaTech announced the latest version of SAST platform CodeSonar, which automates the detection of coding defects to accelerate the implementation of DevSecOps methodologies in embedded software development pipelines. GrammaTech CodeSonar now supports all leading development languages in one unified platform and integrates with GitHub Actions to provide native static application security testing capabilities for embedded code.

ZeroNorth launches two trial offerings to help progress DevSecOps
2021-08-03 02:00

ZeroNorth announced two trial offerings, its 60-Day AppSec Visualization trial and its 90-Day AppSec Quick Start trial. “Today’s organizations know AppSec is not optional, and many are also...

Apps Built Better: Why DevSecOps is Your Security Team’s Silver Bullet
2021-07-14 16:33

DevSecOps puts security at the forefront of the development process as a whole, ensuring that good cyber-hygiene remains top-of-mind for developers and operators from start to finish. The Building Security In Maturity Model, a.k.a. BSIMM, is a great resource listing over 120 security best practices, to help development teams keep these measures top of mind when designing their solutions.

Secure Code Warrior enhances partner program, extends DevSecOps vendors integrations
2021-06-29 00:30

At its inaugural Global Partner Virtual Summit, Secure Code Warrior announced significant enhancements to its global partner program, as well as expanded integrations with leading DevSecOps vendors that extend its developer-centric approach to secure coding further into the global developer ecosystem. Pieter Danhieux, CEO and co-founder of Secure Code Warrior, said, "The Warrior Partner Program is a platform to maximise the potential of developer-centric security. By enabling partners to offer or integrate Secure Code Warrior as a core component of their DevSecOps or AppSec solution offerings, we can jointly reach more of the world's 25 million developers as they increase their software security skills."

The state of AppSec and the journey to DevSecOps
2021-05-24 03:30

While the perceived benefits of DevSecOps to both security and DevOps are high, much progress must be made in defining a repeatable and consistent governance model for true DevSecOps to take hold, a ZeroNorth survey of 250 global security, DevOps and IT professionals reveals. Specifically, the survey finds that while 76% of developers and engineers believe DevOps will own AppSec within three years, only 56% of AppSec professionals agree.

Infrastructure drift: A multidimensional problem with the need for new DevSecOps tools
2021-05-13 04:30

As modern infrastructures get more complex everyday, DevOps teams have a hard time tracking infrastructure drift. The multiplicity of parameters turns infrastructure drift into a multidimensional issue as this situation implies tracking changes across a combination of setups over time.

Red Hat OpenShift Platform Plus helps customers adopt DevSecOps across the hybrid cloud
2021-04-29 01:30

Red Hat announced Red Hat OpenShift Platform Plus, a new edition of the enterprise Kubernetes platform designed to provide a holistic solution to help customers adopt DevSecOps across the entirety of the hybrid cloud. Red Hat OpenShift Kubernetes Engine is the foundational edition of Red Hat OpenShift, delivering enterprise Kubernetes on a foundation of Red Hat Enterprise Linux CoreOS to run containers more securely across the hybrid cloud.

DevSecOps Company Sysdig Raises $188 Million at $1.19 Billion Valuation
2021-04-28 12:41

DevSecOps company Sysdig on Wednesday announced becoming a "Unicorn" after raising $188 million in a Series F funding round at a valuation of $1.19 billion. The latest funding round, which brings the total raised by the company to $394 million, was led by Premji Invest & Associates and Third Point Ventures, with participation from Accel, Bain Capital Ventures, DFJ Growth, Glynn Capital, Goldman Sachs, Insight Partners, and Next47.

BoxBoat reports momentum for BoxOps, its platform for DevSecOps managed services
2021-04-15 23:10

BoxBoat announced that it is realizing significant managed services revenue growth driven by greater customer adoption of its BoxOps platform. BoxOps is BoxBoat's DevSecOps managed service platform.

Week in review: Most used MITRE ATT&CK tactics, boosting the “Sec” in DevSecOps
2021-02-21 08:55

Phishers tricking users via fake LinkedIn Private Shared DocumentPhishers are trying to trick users into opening a "LinkedIn Private Shared Document" and entering their login credentials into a fake LinkedIn login page, security researcher JB Bowers warns. Apple details major security, privacy enhancements in its devicesApple has released on Thursday a newer version of its Platform Security Guide, outlining the security and privacy innovations and improvements its users will be able to take advantage of.