CloudBees Compliance Released
September 29, 2021

CloudBees announced CloudBees Compliance, a real-time compliance and risk analysis capability that spans all aspects of software delivery, from commit through production.

CloudBees Compliance, which will be available in the first quarter of 2022, gives enterprises continuous compliance enforcement, providing peace of mind through ‘always-on’ compliance. As organizations accelerate the pace and the volume at which they release business value through software, CloudBees Compliance is able to assert the compliance of code, binary artifacts, data, identity and infrastructure environments in a transparent and continuous fashion. It also provides developers with instant, targeted, actionable feedback so issues can be fixed at the source.

The underlying technology for CloudBees Compliance, which extends the robust compliance and security capabilities of the CloudBees Platform, was acquired from Neuralprints. CloudBees Compliance will be available for both SaaS and self-managed deployments.

“Shifting left is not enough for enterprises that are highly regulated, highly complex and operating at extraordinary scale,” said Stephen DeWitt, CloudBees CEO. “Putting code into production that doesn’t work, whatever the reason, isn’t a viable option – the risks and costs are just too high. What enterprises want and need is immediate and actionable feedback at every point of the software delivery lifecycle so that they have the peace of mind of being compliant at all times, all while enabling developers to focus on creating business value. CloudBees Compliance lets developers focus on writing code, lets security and compliance teams ‘set it and forget it,’ and lets CISOs sleep better at night knowing risk is constantly assessed and issues are identified and routed immediately to be addressed.”

CloudBees Compliance runs as an integral, always-on, part of the software delivery process, continuously verifying code, binary artifacts, data, identity and infrastructure compliance at every stage so developers can address issues in real time. With the launch of this new capability, developers no longer need to be security experts, learn disparate tools or keep up to date on changing regulations. CloudBees Compliance uses a common repository of rules to check compliance, then deduplicates alerts across affected files to eliminate false-positive alert storms. In addition, CloudBees Compliance allows teams to set their own custom thresholds based on their risk tolerance and aggregates data from multiple security tools to provide a clear and reliable risk position for each release. After code is released to production, CloudBees Compliance continues to verify code against the rules and adapts to policy changes.

“Security and compliance must happen continuously behind the scenes so that we can all stop worrying about issues after the train has left the station and just focus on delivering great software right out of the gate,” said Prakash Sethuraman, Chief Information Security Officer, CloudBees. “Until now, teams have waited to see what breaks before they’ve been able to fix it. Now, they can set the policies and controls centrally, find issues along the way and have the information they need at their fingertips to fix the most important problems right away.”

CloudBees plans to establish a program for security vendors, consulting firms and risk management partners to create compliance solutions and services that combine CloudBees Compliance with their knowledge and expertise as value-added offerings for their customers.

Share this

Industry News

May 18, 2022

Red Hat unveiled updates across its portfolio of developer tools designed to help organizations build and deliver applications faster and more consistently across Kubernetes-based hybrid and multicloud environments.

May 18, 2022

Armory announced public early access to their new Continuous Deployment-as-a-Service product.

May 18, 2022

DataCore Software announced DataCore Bolt, enterprise-grade container-native storage software for DevOps.

May 17, 2022

DevOps Institute, a global professional association for advancing the human elements of DevOps, announced the release of the Upskilling IT 2022 report.

May 17, 2022

Replicated announced a host of new platform features and capabilities that enable their customers to accelerate enterprise adoption of their Kubernetes applications.

May 17, 2022

Codefresh announced that its flagship continuous delivery (CD) platform will be made accessible as a fully-hosted solution for DevOps teams seeking to quickly and easily achieve frictionless, GitOps-based continuous software delivery in the cloud.

May 16, 2022

Red Hat announced new capabilities and enhancements across its portfolio of open hybrid cloud solutions aimed at accelerating enterprise adoption of edge compute architectures through the Red Hat Edge initiative.

May 16, 2022

D2iQ announced a partnership with GitLab.

May 16, 2022

Kasten by Veeam announced the new Kasten by Veeam K10 V5.0 Kubernetes data management platform.

May 12, 2022

Red Hat introduced Red Hat Enterprise Linux 9, the Linux operating system designed to drive more consistent innovation across the open hybrid cloud, from bare metal servers to cloud providers and the farthest edge of enterprise networks.

May 12, 2022

Couchbase announced version 7.1 of Couchbase Server.

May 12, 2022

Copado added Copado Robotic Testing to Copado Essentials.

May 11, 2022

Red Hat announced new advancements within its Red Hat Cloud Services portfolio, delivering a fully-managed and streamlined user experience as organizations build, deploy, manage and scale cloud-native applications across hybrid environments.

May 11, 2022

JFrog introduced a new Docker Desktop Extension for JFrog Xray that allows organizations to automatically scan Docker Containers for vulnerabilities and violations early in the development process.

May 11, 2022

Progress announced a series of updates in Progress Telerik and Progress Kendo UI.