Check Point® Software Technologies Ltd. announced a collaboration with Microsoft that utilizes the Microsoft Azure OpenAI Service to enhance Check Point Infinity AI Copilot, marking a significant advancement in cyber security AI applications.
Anchore announced release of a new major upgrade of its container security and compliance platform, Anchore Enterprise 3.0.
With the release of Anchore Enterprise 3.0 organizations can now protect against software supply chain threats from development to production and accelerate the delivery of secure,container-based software.
New capabilities in this release include:
- End-to-end container security from development to Kubernetes: Anchore Enterprise 3.0 broadens coverage of the software supply chain by making the security status of running images visible to developers and security teams. This provides added layers of security and reduces the risk of security breaches caused by insecure code being included in production applications.
- Distributed scanning that integrates seamlessly with developer workflows: Anchore Enterprise can now perform automated security checks locally on developer systems and within the CI/CD pipeline. This release includes new, lightweight tools that can be deployed at various points in the software development lifecycle and feed results back to the central Anchore Enterprise system to be processed based on organizational policies.
- Reduced false positives making developers more productive: Anchore Enterprise 3.0 provides new features that reduce false positives, enabling developers to focus on the critical security issues that must be fixed. Users can now easily correct any misidentifications to ensure that future checks have fewer false positives. Security teams can leverage time-based whitelists that enforce SLAs for developers to address security while avoiding repeated alerts.
- Remediation recommendations that reduce time and cost to fix security issues: This release provides automated remediation suggestions for vulnerable containers and enables security teams to triage policy violations, select remediation options, and issue notifications through tools like Jira, Slack, Teams, Gitlab, GitHub, traditional email and more. As a result, security issues are fixed earlier in the development lifecycle, resulting in lower costs and fewer delays.
"Digital transformation is driving companies and government agencies to improve their cybersecurity posture," said Saïd Ziouani, CEO of Anchore. "With Anchore Enterprise 3.0 we're expanding DevSecOps protections and reducing security risks by providing multiple layers of protection across the software supply chain. As organizations adopt 'defense in depth' strategies, they are seeking to significantly decrease the number of security issues that make it through to staging or production, where risks are higher and fixes are more costly. With this release we're making it easier to automate security checks from the earliest stages of the software development lifecycle all the way through production."
Industry News
ArmorCode announced ArmorCode Risk Prioritization, providing a 3D scoring approach for managing application security risks.
AppViewX and Fortanix announced a partnership to offer cloud-delivered secure digital identity management and code signing.
WaveMaker has updated its platform in response to customer demand for more sophisticated API and code management tools.
Vercara announced the launch of UltraAPI™, a product suite that protects APIs and web applications from malicious bots and fraudulent activity while ensuring regulatory compliance.
Legit Security announced the launch of its standalone enterprise secrets scanning product, which can detect, remediate, and prevent secrets exposure across the software development pipeline.
Progress announced a strategic partnership with Veeam® Software, the #1 leader by market share in Data Protection and Ransomware Recovery, to provide customers with an enterprise-ready cyber defense solution that strengthens the security of their business-critical data.
GitGuardian released its Software Composition Analysis (SCA) module.
DataStax announced a milestone in its journey to simplify enterprise retrieval-augmented generation (RAG) for developers by integrating with Microsoft Semantic Kernel.
Check Point® Software Technologies Ltd. is collaborating with NVIDIA to enhance the security of AI cloud infrastructure. Integrating NVIDIA BlueField DPUs, which feature a broad range of purpose-built, innovative security capabilities, the new Check Point AI Cloud Protect solution will help prevent threats at both the network and host levels.
Sentry announced the release of Autofix, an AI-powered feature to debug and fix code in minutes, saving important time and resources.
Apiiro announced a product integration and partnership with Secure Code Warrior, the agile developer security training platform, to extend its ASPM technology and processes to the people layer.
Progress announced that Progress® Semaphore™, its metadata management and semantic AI platform, was named a Champion in SoftwareReviews’ 2024 Metadata Management Emotional Footprint Awards.
The Cloud Native Computing Foundation® (CNCF®) has partnered with Udemy, an online skills marketplace and learning platform.
GitLab has acquired Oxeye, the provider of a cloud-native application security and risk management solution.