Check Point® Software Technologies Ltd.(link is external) announced major advancements to its family of Quantum Force Security Gateways(link is external).
DeepSource released Globstar, an open-source project bringing code security tooling to the AppSec community, with no restrictions on commercial usage.
Globstar is a static code analysis toolkit that enables users to write code security checkers and run them in their CI/CD pipelines. It is fully open source using the MIT license.
DeepSource's mission is to help developers and companies write secure code using static analysis and AI, identifying vulnerabilities in code and suggesting fixes. However, the company also believes that core components of code security should be freely available to all developers and security teams.
"After analyzing millions of lines of code daily at DeepSource, we kept hearing a common request from many enterprise customers: '˜How do we write custom checks specific to our codebase?'" says Sanket Saurav, co-founder and CEO of DeepSource. "We used tree-sitter to write new checkers internally for our proprietary analyzers, and it played an important role in us rapidly responding to customer requests for new checkers. With Globstar, we realized we can put the same capability in our customers' hands, which is why we decided to make it open-source."
DeepSource's existing clients can use Globstar to codify custom security patterns — but the entire Globstar project is and will remain open to all.
"The AppSec community doesn't want a rebrand of legacy software. They want a fresh alternative," says Jai Pradeesh, co-founder of DeepSource. "What developers need is an expert-led, open-source solution to code security that is reliable in the long term and future-proof."
Key features of Globstar are:
- Written using the high-level general-purpose programming language Go, with native tree-sitter bindings, distributed as a single binary.
- MIT-licensed
- Users can run Globstar without needing to build anything, by writing all their checkers in a "globstar" folder in their repo, in YAML or Go, and running "globstar check"
- Multi-language support through tree-sitter (20+ languages today)
- Gradual learning curve: coders can start with the YAML interface for simple patterns
Industry News
Sauce Labs announced the general availability of iOS 18 testing on its Virtual Device Cloud (VDC).
Infragistics announced the launch of Infragistics Ultimate 25.1, the company's flagship UX and UI product.
CIQ announced the creation of its Open Source Program Office (OSPO).
Check Point® Software Technologies Ltd.(link is external) announced the launch of its next generation Quantum(link is external) Smart-1 Management Appliances, delivering 2X increase in managed gateways and up to 70% higher log rate, with AI-powered security tools designed to meet the demands of hybrid enterprises.
Salesforce and Informatica have entered into an agreement for Salesforce to acquire Informatica.
Red Hat and Google Cloud announced an expanded collaboration to advance AI for enterprise applications by uniting Red Hat’s open source technologies with Google Cloud’s purpose-built infrastructure and Google’s family of open models, Gemma.
Mirantis announced Mirantis k0rdent Enterprise and Mirantis k0rdent Virtualization, unifying infrastructure for AI, containerized, and VM-based workloads through a Kubernetes-native model, streamlining operations for high-performance AI pipelines, modern microservices, and legacy applications alike.
Snyk launched the Snyk AI Trust Platform, an AI-native agentic platform specifically built to secure and govern software development in the AI Era.
Bit Cloud announced the general availability of Hope AI, its new AI-powered development agent that enables professional developers and organizations to build, share, deploy, and maintain complex applications using natural language prompts, specifications and design files.
AI-fueled attacks and hyperconnected IT environments have made threat exposure one of the most urgent cybersecurity challenges facing enterprises today. In response, Check Point® Software Technologies Ltd.(link is external) announced a definitive agreement to acquire Veriti Cybersecurity, the first fully automated, multi-vendor pre-emptive threat exposure and mitigation platform.
LambdaTest announced the launch of its Automation MCP Server, a solution designed to simplify and accelerate the process of triaging test failures.
DefectDojo announced the launch of their next-gen Security Operations Center (SOC) capabilities for DefectDojo Pro, which provides both SOC and AppSec professionals a unified platform for noise reduction and prioritization of SOC alerts and AppSec findings.
Check Point® Software Technologies Ltd.(link is external) has been recognized on Newsweek’s 2025 list of America’s Best Cybersecurity Companies(link is external).
Red Hat announced enhanced features to manage Red Hat Enterprise Linux.