CloudBees announced the integration of CloudBees’ continuous delivery and release orchestration solution, CloudBees CD/RO, with Argo Rollouts.
Cequence Security has enhanced the testing capabilities within its Unified API Protection Platform with the availability of API Security Testing.
This API Security Testing framework encourages shift-left efforts by giving security and development teams the tools to quickly uncover and remediate API vulnerabilities in pre-production environments that could otherwise lead to business disruption in production.
With API Security Testing, security and development teams can integrate continuous and automated testing of their pre-production APIs into their development and release cycle. For scenarios where no API specifications exist, security teams can leverage real-time API traffic analysis to baseline API specifications based on runtime traffic, eliminating the need to search for owners of legacy APIs or create specifications from scratch.
“Driven by the rapid rise in API exploits caused by coding errors, security and development teams are looking at ways to improve their API testing efforts without jeopardizing their continuous development release cycles,” said Varun Kohli, CMO at Cequence Security. “API Security Testing complements our runtime compliance capabilities that detect security risks such as business logic abuse and OWASP API Top 10 risks in production APIs. With API Security Testing, teams can apply the same compliance and security checks to their build processes to detect compliance issues earlier in the development cycle for pre-production APIs.”
Key capabilities of the new offering include:
- Continuous integration (CI)/Continuous development (CD) and Collaboration Tools Integration: Integrates with CI/CD tools like Gitlab, Azure DevOps, Jenkins and Bamboo, allowing developers to run tests against their pre-production APIs to detect and report security risks.
- Visualize Results and Remediate Test Failures: Security and development teams can visualize results and drill down into details to quickly understand the compliance issues identified in pre-production APIs. Summary reports allow results to be exported and shared with API owners and development teams for quick remediation and re-execution of tests.
- Comprehensive OWASP API Top 10 Risk Detection: Detects security risks including the OWASP API Top 10 and business logic risks, including introduction of shadow APIs and sensitive data exposure. Administrators can define customized sensitive data exposure and custom risk categories for different groups of APIs based on the vertical. For example, retail customers can create policies configured to look explicitly for credit card numbers, while automotive customers can monitor and prevent exposure of vehicle identification numbers.
API Security Testing is part of the Cequence Unified API Protection solution and leverages an open, extensible architecture to seamlessly integrate into existing API protection infrastructure.
amazee.io, a Mirantis company, announced that its fully-managed application delivery platform is available in AWS Marketplace.
env0 secured an additional $18.1 million of funding to conclude its Series A investment round with a total of $35.1 million.
Planview announced a new strategic collaboration with UiPath. The integration is designed to fuse the UiPath Business Automation Platform with the Planview Value Stream Management (VSM) solution Planview® Tasktop Hub.
Noname Security announced major enhancements to its API security platform to help organizations protect their API ecosystem, secure their applications, and increase cyber resilience.
Mirantis announced the latest version of Mirantis Container Cloud -- MCC 2.23 -- that simplifies operations with the ability to monitor applications performance with a new Grafana dashboard and to make updates to Kubernetes clusters with a one-click “upgrade” button from a web interface.
Pegasystems announced updates to Pega Cloud supported by an enhanced Global Operations Center to deliver a more scalable, reliable, and secure foundation for its suite of AI-powered decisioning and workflow automation solutions.
D2iQ announced the launch of DKP Gov, a new container-management solution optimized for deployment within the government sector.
StackHawk announced the availability of StackHawk Pro and StackHawk Enterprise for trial and purchase through the Amazon Web Services (AWS) Marketplace.
Octopus Deploy announced the results KinderSystems has seen working with Octopus. Through the use of Octopus, KinderSystems automates its software deployment processes to meet the complex needs of its customers and reduce the time to deploy software.
Elastic Path announced Integrations Hub, a library of instant-on, no-code integrations that are fully managed and hosted by Elastic Path.
Yugabyte announced key updates to YugabyteDB Managed, including the launch of the YugabyteDB Managed Command Line Interface (CLI).
Ambassador Labs released Telepresence for Docker, designed to make it easy for developer teams to build, test and deliver apps at scale across Kubernetes.
Fermyon Technologies introduced Spin 1.0, a major new release of the serverless functions framework based on WebAssembly.
Torc announced the acquisition of coding performance measurement application Codealike to empower software developers with even more data that increases skills, job opportunities and enterprise value.