mabl announced the addition of mobile application testing to its platform.
CloudBees unveiled a hardened version of CloudBees CI, a continuous integration (CI) solution.
The new version meets the United States Department of Defense (DoD) specifications for security, one of the most demanding security certifications in the world.
The new release of CloudBees CI (formerly known as CloudBees Core) is available immediately and enables DoD and civilian agencies of the U.S. federal government, as well as enterprises in private industry, to drive more value through their software delivery pipelines while lowering security risk.
Federal government agencies facing time-to-mission pressures are trying to automate pipelines to accelerate the building of new applications and add urgently needed functionality to existing applications. But they’re constrained by Information Assurance guidelines requiring CI tools to pass advanced security certifications. The hardened version of CloudBees CI provides a container that has achieved a Certificate to Field (CtF) from the U.S. Air Force Platform One team. Platform One is the official DevSecOps Enterprise Services team for the DoD.
A CtF is a formal certification given by the U.S. Air Force Platform One team. Software containers that receive a CtF can be used to deploy a platform within a specific environment that has received an Authority to Operate (ATO). An ATO certification means that a platform meets security standards as set forth by DISA STIG and NIST RMF guidelines. Platform One provides platforms that are already accredited and can only use containerized software with an approved CtF.
“With the CtF, CloudBees CI can be readily used by DoD agencies, as well as civilian agencies and federal system integrators (FSIs),” said Michael Wright, Director, Federal Sector, at CloudBees. “It provides all the benefits of CI in a Jenkins environment, and it meets rigorous government standards for security and compliance.”
CloudBees CI is built on Jenkins, a popular automation server. CloudBees CI provides flexible, governed CI and can be hosted on-premise, in the public cloud or in a hybrid environment. It enables teams to centrally manage software development tools, optimize software delivery velocity, maximize developer team efficiency and enforce global compliance policies.
CloudBees CI provides a hardened Docker container image which is placed in the Department of Defense Centralized Artifact Repository (DCAR), the storage repository maintained by the DoD. Teams from any DoD or civilian agency can access and simply pull the hardened Docker container image out of DCAR. The solution has been engineered to minimize the use of any libraries or components that have known security vulnerabilities. For example, if a team uses a library to execute http communication between a CloudBees CI master and agent, the functionality within CloudBees CI ensures secure ports and protocols are used at both ends.
The new hardened version of CloudBees CI can not only help agencies transform to secure DevSecOps processes – but also enterprises operating in highly regulated industries or those simply wanting heightened security capabilities.
Industry News
Spectro Cloud announced the achievement of a new Amazon Web Services (AWS) Competency designation.
GitLab announced the general availability of GitLab Duo Chat.
SmartBear announced a new version of its API design and documentation tool, SwaggerHub, integrating Stoplight’s API open source tools.
Red Hat announced updates to Red Hat Trusted Software Supply Chain.
Tricentis announced the latest update to the company’s AI offerings with the launch of Tricentis Copilot, a suite of solutions leveraging generative AI to enhance productivity throughout the entire testing lifecycle.
CIQ launched fully supported, upstream stable kernels for Rocky Linux via the CIQ Enterprise Linux Platform, providing enhanced performance, hardware compatibility and security.
Redgate launched an enterprise version of its database monitoring tool, providing a range of new features to address the challenges of scale and complexity faced by larger organizations.
Snyk announced the expansion of its current partnership with Google Cloud to advance secure code generated by Google Cloud’s generative-AI-powered collaborator service, Gemini Code Assist.
Kong announced the commercial availability of Kong Konnect Dedicated Cloud Gateways on Amazon Web Services (AWS).
Pegasystems announced the general availability of Pega Infinity ’24.1™.
Sylabs announces the launch of a new certification focusing on the Singularity container platform.
OpenText™ announced Cloud Editions (CE) 24.2, including OpenText DevOps Cloud and OpenText™ DevOps Aviator.
Postman announced its acquisition of Orbit, the community growth platform for developer companies.
Check Point® Software Technologies Ltd. announced new email security features that enhance its Check Point Harmony Email & Collaboration portfolio: Patented unified quarantine, DMARC monitoring, archiving, and Smart Banners.