Accurics Integrates with GitLab
June 14, 2021

Accurics announced a technology partnership with GitLab as well as the general availability of its integration with GitLab's Static Application Security Testing (SAST) solution.

Accurics leverages the integration with GitLab to provide DevSecOps teams with a holistic, contextualized view of application and infrastructure risks. Organizations can now establish and programmatically enforce consistent risk management policies throughout the Software Development Lifecycle (SDLC) while minimizing the effort and expense of manual triage and investigation.

Cloud infrastructure and applications are traditionally deployed from two separate pipelines, which dissociates application security vulnerabilities from Infrastructure as Code (IaC) misconfigurations. As a result, developers are often left with a long list of vulnerabilities and misconfigurations to fix without the context required to prioritize remediation of those vulnerabilities and misconfigurations that could actually be exploited.

“The most effective innovation is often incremental – for example, new capabilities and additional functionality accompanied by relevant security advances,” said Om Moolchandani, Co-founder, CTO & CISO at Accurics. “In this environment, we see diverse and largely unconnected vulnerabilities and misconfigurations, collectively producing a level of noise that makes identifying the most serious risks vital but difficult. The partnership with GitLab serves to add greater context to every layer of code and strengthens the security risk posture throughout the extended development lifecycle.”

The integration with GitLab helps Accurics users overcome these challenges by correlating IaC, cloud, and SAST vulnerabilities to help mitigate risk throughout the SDLC and generate a threat score. This threat score can be used by policy guardrails established with Policy as Code, blocking the riskiest builds from being deployed into production while providing insight into less risky problems that don't warrant breaking the build. As a result, developers are able to focus resources on remediating the most immediate threats first.

“The growing adoption of GitOps practices and Infrastructure as Code necessitates scalable risk management tools,” said Nima Badiey, VP, Global Alliances at GitLab. “The integration between GitLab and Accurics will help customers to programmatically define infrastructure and risk management policies more effectively throughout the software development lifecycle.”

Share this

Industry News

April 18, 2024

SmartBear announced a new version of its API design and documentation tool, SwaggerHub, integrating Stoplight’s API open source tools.

April 18, 2024

Red Hat announced updates to Red Hat Trusted Software Supply Chain.

April 18, 2024

Tricentis announced the latest update to the company’s AI offerings with the launch of Tricentis Copilot, a suite of solutions leveraging generative AI to enhance productivity throughout the entire testing lifecycle.

April 17, 2024

CIQ launched fully supported, upstream stable kernels for Rocky Linux via the CIQ Enterprise Linux Platform, providing enhanced performance, hardware compatibility and security.

April 17, 2024

Redgate launched an enterprise version of its database monitoring tool, providing a range of new features to address the challenges of scale and complexity faced by larger organizations.

April 17, 2024

Snyk announced the expansion of its current partnership with Google Cloud to advance secure code generated by Google Cloud’s generative-AI-powered collaborator service, Gemini Code Assist.

April 16, 2024

Kong announced the commercial availability of Kong Konnect Dedicated Cloud Gateways on Amazon Web Services (AWS).

April 16, 2024

Pegasystems announced the general availability of Pega Infinity ’24.1™.

April 16, 2024

Sylabs announces the launch of a new certification focusing on the Singularity container platform.

April 15, 2024

OpenText™ announced Cloud Editions (CE) 24.2, including OpenText DevOps Cloud and OpenText™ DevOps Aviator.

April 15, 2024

Postman announced its acquisition of Orbit, the community growth platform for developer companies.

April 11, 2024

Check Point® Software Technologies Ltd. announced new email security features that enhance its Check Point Harmony Email & Collaboration portfolio: Patented unified quarantine, DMARC monitoring, archiving, and Smart Banners.

April 11, 2024

Automation Anywhere announced an expanded partnership with Google Cloud to leverage the combined power of generative AI and its own specialized, generative AI automation models to give companies a powerful solution to optimize and transform their business.

April 11, 2024

Jetic announced the release of Jetlets, a low-code and no-code block template, that allows users to easily build any technically advanced integration use case, typically not covered by alternative integration platforms.

April 10, 2024

Progress announced new powerful capabilities and enhancements in the latest release of Progress® Sitefinity®.