mabl announced the addition of mobile application testing to its platform.
Codenotary launched SBOM Operator for Kubernetes in both its open source Community Attestation Service, as well as Codenotary’s Trustcenter, the company’s flagship product, that mitigates the risk of software supply chain attacks by tracking all software and software dependencies running in Kubernetes.
Codenotary provides a way to generate SBOMs (Software Bill of Materials) of running container images and maintaining up-to-date records of all builds, and dependencies. This allows for immediate risk mitigation in the event that unwanted, dangerous or vulnerable artifacts are detected.
All SBOM information is continuously updated and versioned to include any changes in deployments, then stored in a tamper-proof, auditable database. That information is instantly available for search so that the location of software artifacts can be pinpointed in seconds, and the history of image content changes verified, which is essential to maintaining a secure software supply chain.
The new SBOM Operator for Kubernetes helps enterprises comply with the U.S. Executive Order on Improving the Nation’s Cybersecurity, which includes maintaining a Software Bill of Materials (SBOM), as well as the SLSA security framework to ensure trust in the software supply chain.
“By itself, the SBOM is not very useful without continuously being updated and maintained as the information is deprecated with every new deployment or update,” said Dennis Zimmer, co-founder and CTO, Codenotary. “Now, users know exactly what is running in containers, with the most recent information so they have the ability to immediately remediate something if necessary.”
SBOM Operator is an open source community project – supported by Codenotary – to store SBOM information about container images as files in a Git repository and has been extended to support both Community Attestation Service, as well as Trustcenter, which are tamper-proof, versioned and fully searchable.
Industry News
Spectro Cloud announced the achievement of a new Amazon Web Services (AWS) Competency designation.
GitLab announced the general availability of GitLab Duo Chat.
SmartBear announced a new version of its API design and documentation tool, SwaggerHub, integrating Stoplight’s API open source tools.
Red Hat announced updates to Red Hat Trusted Software Supply Chain.
Tricentis announced the latest update to the company’s AI offerings with the launch of Tricentis Copilot, a suite of solutions leveraging generative AI to enhance productivity throughout the entire testing lifecycle.
CIQ launched fully supported, upstream stable kernels for Rocky Linux via the CIQ Enterprise Linux Platform, providing enhanced performance, hardware compatibility and security.
Redgate launched an enterprise version of its database monitoring tool, providing a range of new features to address the challenges of scale and complexity faced by larger organizations.
Snyk announced the expansion of its current partnership with Google Cloud to advance secure code generated by Google Cloud’s generative-AI-powered collaborator service, Gemini Code Assist.
Kong announced the commercial availability of Kong Konnect Dedicated Cloud Gateways on Amazon Web Services (AWS).
Pegasystems announced the general availability of Pega Infinity ’24.1™.
Sylabs announces the launch of a new certification focusing on the Singularity container platform.
OpenText™ announced Cloud Editions (CE) 24.2, including OpenText DevOps Cloud and OpenText™ DevOps Aviator.
Postman announced its acquisition of Orbit, the community growth platform for developer companies.
Check Point® Software Technologies Ltd. announced new email security features that enhance its Check Point Harmony Email & Collaboration portfolio: Patented unified quarantine, DMARC monitoring, archiving, and Smart Banners.