Appdome has integrated its platform with GitHub to build, scale, and deliver software.
Fugue added support for Google Cloud to its multi-cloud security platform.
With Fugue, cloud engineering and security teams can secure their entire cloud development lifecycle (CDLC)—from infrastructure as code to production—across their Amazon Web Services (AWS), Microsoft Azure, and now Google Cloud environments using the same Cloud Security Posture Management (CSPM) solution.
Fugue automates immediate and continuous security visibility and compliance reporting for cloud development and operations to prevent misconfiguration vulnerabilities and streamline previously time-consuming and resource-intensive tasks. Fugue support for Google Cloud initially includes 59 resource types and audit and reporting capabilities for the CIS Google Cloud Computing Platform Foundations Benchmark, CIS Controls, CSA CCM, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI, SOC 2, and custom enterprise policies.
Fugue covers security and compliance at every stage of the CDLC—from Terraform and AWS CloudFormation infrastructure as code checks to continuous runtime protection and compliance auditing and reporting. Fugue provides deeper protection against the kinds of advanced multi-resource misconfigurations that are playing a larger role in modern cloud attacks and are often overlooked by other tools and compliance frameworks.
“More enterprise organizations are using multiple cloud service providers and infrastructure as code tools, and their teams need a way to move faster and more securely, regardless of which clouds they’re using, or how they’re developing and deploying cloud infrastructure,” said Josh Stella, Co-Founder and CEO of Fugue. “With the addition of Google Cloud support, teams can now use Fugue to apply the same compliance rules and custom security policies consistently across their entire cloud footprint and cloud development lifecycle—without slowing down the pace of innovation.”
With Fugue, every team—from developers to ops to security and compliance—shares a single source of trust in what’s allowed in their cloud environment using the Fugue Rules Engine, built with Open Policy Agent, the open standard for policy as code. Because Fugue takes continuous snapshots of cloud configuration state, all teams operate under a single source of truth in what’s running in their environment at all times. Fugue’s interactive cloud infrastructure maps enable teams to zoom in to inspect configuration details and compliance violations and zoom out to see the big picture of their environment, and export diagrams to include with audits.
DigiCert, announced a partnership with ReversingLabs to enhance software security by combining advanced binary analysis and threat detection from ReversingLabs with DigiCert's enterprise-grade secure code signing solution.
Semgrep announced that Semgrep Supply Chain is now free for all to use, up to a 10-contributor limit.
Checkmarx announced its new AI Query Builders and AI Guided Remediation to help development and AppSec teams more accurately discover and remediate application vulnerabilities.
Copado announced a technology partnership with nCino to provide financial institutions with proven tools for continuous integration, continuous delivery and automated testing of nCino features and functionality of the nCino cloud banking platform.
OpsMx announced extensions to OpsMx Intelligent Software Delivery (ISD) that make it a CI/CD solution designed for secure software delivery and deployment.
Couchbase announced a broad range of enhancements to its Database-as-a-Service Couchbase Capella™.
Remote.It release of Docker Network Jumpbox to enable zero trust container access for Remote.It users.
Platformatic launched a suite of new enterprise-grade products that can be self-hosted on-prem, in a private cloud, or on Platformatic’s managed cloud service:
Parasoft announced the release of C/C++test 2023.1 with complete support of MISRA C 2023 and MISRA C 2012 with Amendment 4.
Rezilion announced the release of its new Smart Fix feature in the Rezilion platform, which offers critical guidance so users can understand the most strategic, not just the most recent, upgrade to fix vulnerable components.
Zesty has partnered with skyPurple Cloud, the public cloud operations specialists for enterprises.
With Zesty, skyPurple Cloud's customers have already reduced their average monthly EC2 Linux On-Demand costs by 44% on AWS.
Red Hat announced Red Hat Trusted Software Supply Chain, a solution that enhances resilience to software supply chain vulnerabilities.
Mirantis announced Lens Control Center, to enable large businesses to centrally manage Lens Pro deployments by standardizing configurations, consolidating billing, and enabling control over outbound network connections for greater security.
Red Hat announced new capabilities for Red Hat OpenShift AI.