Idera Announces Assembla-Kiuwan Integration
April 18, 2019

Idera announced new integration capabilities between its Assembla and Kiuwan products.

The integration allows development teams on Assembla to “shift left” and further secure their software development lifecycle by automatically scanning code in their Assembla repositories with Kiuwan’s enterprise-grade application security testing engine.

Kiuwan provides an enterprise-grade, end-to-end, non-localized static code analysis (SAST) and code quality analysis (QA) platform. The Assembla-Kiuwan integration leverages Kiuwan’s SAST scanning engine to identify potential vulnerabilities and security threats in code, with the capability to scan more than 30+ languages, technologies, and frameworks.

Issues detected during weekly scans are automatically highlighted and recorded in a user’s Assembla code commit history, enabling them to drill down for further analysis without leaving the repository.

“Until now, Assembla users either weren’t doing any scanning at all, or they were using separate scanning tools that increased the potential for error in identifying and resolving vulnerabilities,” said Robert Warmack, GM of Assembla. “Similarly, Kiuwan customers had to use a different system to securely store their source code, and spend time manually configuring the connection between the two systems to automate scanning. This integration pushes the envelope on the DevSecOps playbook, combining the premium capabilities of two world-class enterprise software development and security products.”

To enable scanning, Assembla users navigate to the Security Scan Results tab within their repository and check the “weekly code scan” box to turn the Kiuwan scanner ON. Once a week, the scanner will scan the code repository within the repository tool for potential vulnerabilities and security threats, and alert the user to any issues from within the Assembla repository tool.

All Assembla customers get access to five free vulnerabilities in each weekly scan. Teams with active subscriptions to both Kiuwan and Assembla receive unlimited results from the Kiuwan scanner while gaining access to Kiuwan’s powerful business analytics, flexible and comprehensive scanning settings, and notifications directly from the Kiuwan dashboard.

Kiuwan users can access this capability by starting a new trial account with Assembla and enabling the integration between Assembla and Kiuwan from their Assembla Integrations settings.

Share this

Industry News

February 26, 2020

Perforce Software released a free tool for organizations considering open source software - OpenLogic Stack Builder.

February 26, 2020

Applause announced a new partnership with Infosys to provide broader end-to-end digital experience testing services to clients.

February 26, 2020

RapidMiner announced the release of its platform enhancement, RapidMiner 9.6. This update prioritizes people – not technology – at the center of the enterprise AI journey, providing new, unique experiences to empower users of varying backgrounds and abilities.

February 25, 2020

JFrog announced the availability of the "JFrog Platform," a hybrid, multi-cloud, universal DevOps platform.

February 25, 2020

Nureva added new agile canvas templates to Span Workspace, including a heat map developed by Jeff Sutherland, the co-creator of Scrum and founder of Scrum Inc. and Scrum@Scale.

February 25, 2020

Agiloft announced the addition of its new Agiloft AI Engine, complete with prebuilt AI Capabilities for contract management and an open AI integration that allows customers to incorporate custom-built AI tools into the no-code platform.

February 24, 2020

Cloudify announced that its latest product update - Cloudify version 5 - features an Environment as a Service component, designed to achieve consistent delivery and management of hybrid-cloud services and network infrastructures across CI/CD pipelines - at scale.

February 24, 2020

Checkmarx announced new enhancements to its Software Security Platform to empower more seamless implementation and automation of application security testing (AST) in modern development and DevOps environments.

February 24, 2020

Rapid7 and Snyk announced a strategic partnership to deliver end-to-end application security to organizations developing cloud native applications.

February 20, 2020

The American Council for Technology and Industry Advisory Council (ACT-IAC), the premier public-private partnership dedicated to advancing government through the application of information technology, officially announced the release of the DevOps Primer.

It was produced through a collaborative, volunteer effort by a working group from government and industry, hosted by the ACT-IAC Emerging Technology Community of Interest (COI).

February 20, 2020

DLT Solutions, a subsidiary of Tech Data, launched the Secure Software Factory (SSF), a framework that provides the U.S. public sector with consistent development and deployment of high-quality, scalable, resilient and secure software throughout an application’s lifecycle.

February 20, 2020

Netography announced the general availability of the company’s Security Operations Platform.

February 19, 2020

Perfecto by Perforce announced its integration with Katalon Studio.

February 19, 2020

Radware announced the Alteon Cloud Control as part of its Alteon Multi-Cloud Solution designed to simplify the deployment of secured application delivery services across public and private cloud environments.

February 19, 2020

BluBracket introduced its product suite, a comprehensive security solution for code in the enterprise.