JFrog announced a new machine learning (ML) lifecycle integration between JFrog Artifactory and MLflow, an open source software platform originally developed by Databricks.
Datadog announced the Datadog Vulnerability Analysis GitHub Action.
GitHub Actions provide powerful, flexible CI/CD with the ability to automate any software development workflow. The Datadog action continuously monitors dependency and version information of code being deployed. By integrating this data with Datadog’s Continuous Profiler and Snyk’s Vulnerability database, this provides a real-time view of what code is actually accessible and vulnerable in production.
Scanning applications for known vulnerabilities often yields a long list of issues that are difficult to prioritize and subsequently fix. With the data collected by the new action, vulnerability analysis will be performed by the Datadog Continuous Profiler based on Snyk vulnerability metadata. This allows engineering teams to immediately detect when and how often vulnerable methods are invoked in live environments and prioritize their security fixes based on real-world application behavior. The Datadog Vulnerability Analysis GitHub Action can be found and installed directly from the GitHub Marketplace without needing to manage scripts or infrastructure.
“Maintaining strong security posture is critical for modern applications, but with traditional vulnerability analysis it can be difficult to distinguish the signal from the noise,” said Ilan Rabinovitch, VP, Product and Community at Datadog. “Integrating the Continuous Profiler with the vulnerability database highlights meaningful security vulnerabilities, while utilizing the GitHub Action automates this process by bringing security directly into application development.”
“We’re moving towards a world where security, testing, and even responsibility for production operations are shifting left towards the developer,” said Jeremy Epling, VP, Product Management at GitHub. “Partnering with full-stack monitoring leaders like Datadog makes it easy for developers and DevOps teams to incorporate critical operations tooling as part of their everyday work environment, so teams can focus on delivering value, at greater velocity."
“By combining Snyk-enriched vulnerability metadata with the Datadog Continuous Profiler, for the first time developers can precisely pinpoint when an application actually calls vulnerable code, to better prioritize remediation efforts,” said Geva Solomonovich, CTO Global Alliances, Snyk. “Our partnership with Datadog will allow developers to deploy their security resources with greater efficiency.”
Industry News
Copado announced the general availability of Test Copilot, the AI-powered test creation assistant.
SmartBear has added no-code test automation powered by GenAI to its Zephyr Scale, the solution that delivers scalable, performant test management inside Jira.
Opsera announced that two new patents have been issued for its Unified DevOps Platform, now totaling nine patents issued for the cloud-native DevOps Platform.
mabl announced the addition of mobile application testing to its platform.
Spectro Cloud announced the achievement of a new Amazon Web Services (AWS) Competency designation.
GitLab announced the general availability of GitLab Duo Chat.
SmartBear announced a new version of its API design and documentation tool, SwaggerHub, integrating Stoplight’s API open source tools.
Red Hat announced updates to Red Hat Trusted Software Supply Chain.
Tricentis announced the latest update to the company’s AI offerings with the launch of Tricentis Copilot, a suite of solutions leveraging generative AI to enhance productivity throughout the entire testing lifecycle.
CIQ launched fully supported, upstream stable kernels for Rocky Linux via the CIQ Enterprise Linux Platform, providing enhanced performance, hardware compatibility and security.
Redgate launched an enterprise version of its database monitoring tool, providing a range of new features to address the challenges of scale and complexity faced by larger organizations.
Snyk announced the expansion of its current partnership with Google Cloud to advance secure code generated by Google Cloud’s generative-AI-powered collaborator service, Gemini Code Assist.
Kong announced the commercial availability of Kong Konnect Dedicated Cloud Gateways on Amazon Web Services (AWS).
Pegasystems announced the general availability of Pega Infinity ’24.1™.