OpenText™ announced Cloud Editions (CE) 24.2, including OpenText DevOps Cloud and OpenText™ DevOps Aviator.
Aqua Security and Pivotal Partner on Application Security
October 18, 2018
Aqua Security announced the general availability of Aqua Security for (PCF) as an integrated service for Pivotal Cloud Foundry (PCF).
Pivotal users can now download and install the Aqua Security for PCF service from Pivotal Network, and use it to scan application or container artifacts for vulnerabilities. Aqua Security for PCF empowers Pivotal Cloud Foundry users to apply Aqua Security's best practices early on in the build process to ensure that only code that complies with their organization's security and compliance policies is deployed.
"Aqua Security provides valuable insights into IT security posture with automated security scans, threat detection, remediation, and expedited compliance processes at scale," said Nima Badiey, Head of Technology Ecosystem at Pivotal. "We are excited to make this integrated solution available to all Pivotal customers through the Pivotal Services Marketplace. One of the many advantages of using Pivotal to build containerized, cloud-native applications is that it presents an opportunity to improve application security, and Aqua helps Pivotal customers do that at DevOps speed."
Aqua Security for PCF provides enterprise customers with the following capabilities:
- Automatically scan application or container artifacts for known vulnerabilities, based on an updated feed from multiple resources (e.g., public CVEs, vendor-issued, proprietary vulnerability data streams and malware lists)
- Identify unauthorized application or container artifacts based on pre-configured assurance policies that check for:
Authorization
CVEs and score
Presence of hard-coded secrets
Presence of malware
- Add custom compliance checks to identify security and compliance risks (e.g., PII, PCI, GDPR-related data)
- Developers and Security teams get actionable information on how to mitigate detected vulnerabilities
- Users gain visibility into vulnerabilities in their application or container artifacts directly from CI/CD tools and the Aqua dashboard
The Aqua solution is easy to operate, supports more than 40 languages, including Java, Go, C++, Python, Ruby, NodeJS and others, as well as static binaries, and finds known vulnerabilities, embedded "secrets", and malware. Users can integrate Aqua Security with their existing CI/CD tools for security testing as part of the build, with Active Directory/LDAP for user authentication, and with SIEM/analytics to output audit and alert data. Based on image assurance policies, users can then approve or block application or container artifacts depending on their vulnerability posture, the presence of embedded secrets, malware, and runtime configuration parameters.
Industry News
April 15, 2024
April 15, 2024
Postman announced its acquisition of Orbit, the community growth platform for developer companies.
April 11, 2024
Check Point® Software Technologies Ltd. announced new email security features that enhance its Check Point Harmony Email & Collaboration portfolio: Patented unified quarantine, DMARC monitoring, archiving, and Smart Banners.
April 11, 2024
Automation Anywhere announced an expanded partnership with Google Cloud to leverage the combined power of generative AI and its own specialized, generative AI automation models to give companies a powerful solution to optimize and transform their business.
April 11, 2024
Jetic announced the release of Jetlets, a low-code and no-code block template, that allows users to easily build any technically advanced integration use case, typically not covered by alternative integration platforms.
April 10, 2024
Progress announced new powerful capabilities and enhancements in the latest release of Progress® Sitefinity®.
April 10, 2024
Buildkite signed a multi-year strategic collaboration agreement (SCA) with Amazon Web Services (AWS), the world's most comprehensive and broadly adopted cloud, to accelerate delivery of cloud-native applications across multiple industries, including digital native, financial services, retail or any enterprise undergoing digital transformation.
April 10, 2024
AppViewX announced new functionality in the AppViewX CERT+ certificate lifecycle management automation product that helps organizations prepare for Google’s proposed 90-day TLS certificate validity policy.
April 09, 2024
Rocket Software is addressing the growing demand for integrated security, compliance, and automation in software development with its latest release of Rocket® DevOps, formerly known as Aldon®.
April 09, 2024
Wind River announced the latest release of Wind River Studio Developer, an edge-to-cloud DevSecOps platform that accelerates development, deployment, and operation of mission-critical systems.
April 09, 2024
appCD announced its generative infrastructure from code solution now supports Azure Kubernetes Service (AKS).
April 09, 2024
Synopsys announced the availability of Black Duck® Supply Chain Edition, a new software composition analysis (SCA) offering that enables organizations to mitigate upstream risk in their software supply chains.
April 09, 2024
DataStax announced innovative integrations with API extensions to Google Cloud’s Vertex AI Extension and Vertex AI Search, offering developers an easier time leveraging their own data.
Parasoft Launches New Product Essential to Large Teams Developing Safety-Critical C/C++ Applications
April 08, 2024
Parasoft introduced C/C++test CT, a comprehensive solution tailored for large teams engaged in the development of safety- and security-critical C and C++ products.
April 08, 2024
Endor Labs announced a strategic partnership with GuidePoint Security.
