LaunchDarkly announced the private preview of Warehouse Native Experimentation, its Snowflake Native App, to offer Data Warehouse Native Experimentation.
Contrast Security announced the release of Application Vulnerability Monitoring (AVM), a new capability of Application Detection and Response (ADR).
AVM works within applications to find application and API vulnerabilities in production and correlate those vulnerabilities with attacks. Accurately identifying the issues in production with AVM results in lower overall cyber risk.
"Traditionally, application and API security testing happened before production, without any insight into real attacks or how software actually runs in production. As a result, development and AppSec teams are drowning in theoretical risk and false positives. By identifying the real, exploitable risks in a running app in production, and enriching them with details about real attacks and exploits, AVM automatically enables teams to focus on the risks that matter, before attackers find them,” said Jeff Williams, founder and CTO of Contrast Security.
Contrast Security’s Application Detection and Response operates with intelligent sensors inside the application layer to identify and respond to attacks and defects in applications and APIs. It gives SecOps the behavioral context it needs to see and understand how attackers are targeting and exploiting applications, while simultaneously reducing the attack surface by pinpointing and prioritizing vulnerabilities. With the added capabilities of AVM, SecOps teams, AppSec teams and DevOps teams can collaborate to prioritize and close exposed vulnerabilities in both custom code and libraries.
Application Vulnerability Monitoring allows organizations to tackle well known security problems:
- Solve for expanding application attack surface: Organizations using AI to accelerate development often struggle to manage their expanding attack surface. AVM provides continuous visibility within production applications, enabling secure innovation minus the risk.
- Solve for application risk blind spots: Organizations struggle to prioritize application vulnerabilities. The combination of AVM and ADR allows them to see the real exploitable risks in production and what’s actually being attacked. This allows SecOps to deploy compensating ADR controls while developers are implementing a permanent fix.
- Solve for inefficient incident response: Organizations can’t always identify the vulnerabilities exploited in a security incident because they are using traditional tools. The combination of AVM and ADR can now allow them to rapidly see the entry point, the context surrounding it and the necessary fix.
- Solve for zero-day attacks: Organizations are blind to unreported vulnerabilities with traditional approaches. Contrast AVM and ADR works within the application, continuously analyzing behavior and identifying vulnerabilities in real-time, so that organizations can stop and fix issues before they are widely known.
Contrast’s managed service, Contrast One, is also available for both AVM and ADR, for organizations that want expert assistance running their application security program.
Industry News
SingleStore announced the launch of SingleStore Flow, a no-code solution designed to greatly simplify data migration and Change Data Capture (CDC).
ActiveState launched its Vulnerability Management as a Service (VMaas) offering to help organizations manage open source and accelerate secure software delivery.
Genkit for Node.js is now at version 1.0 and ready for production use.
JFrog signed a strategic collaboration agreement (SCA) with Amazon Web Services (AWS).
mabl launched of two new innovations, mabl Tools for Playwright and mabl GenAI Test Creation, expanding testing capabilities beyond the bounds of traditional QA teams.
Check Point® Software Technologies Ltd. announced a strategic partnership with leading cloud security provider Wiz to address the growing challenges enterprises face securing hybrid cloud environments.
Jitterbit announced its latest AI-infused capabilities within the Harmony platform, advancing AI from low-code development to natural language processing (NLP).
Rancher Government Solutions (RGS) and Sequoia Holdings announced a strategic partnership to enhance software supply chain security, classified workload deployments, and Kubernetes management for the Department of Defense (DOD), Intelligence Community (IC), and federal civilian agencies.
Harness and Traceable have entered into a definitive merger agreement, creating an advanced AI-native DevSecOps platform.
Endor Labs announced a partnership with GitHub that makes it easier than ever for application security teams and developers to accurately identify and remediate the most serious security vulnerabilities—all without leaving GitHub.
Are you using OpenTelemetry? Are you planning to use it? Click here to take the OpenTelemetry survey.
GitHub announced a wave of new features and enhancements to GitHub Copilot to streamline coding tasks based on an organization’s specific ways of working.
Mirantis launched k0rdent, an open-source Distributed Container Management Environment (DCME) that provides a single control point for cloud native applications – on-premises, on public clouds, at the edge – on any infrastructure, anywhere.
Hitachi Vantara announced a new co-engineered solution with Cisco designed for Red Hat OpenShift, a hybrid cloud application platform powered by Kubernetes.