ShiftLeft released a new version of NextGen Static Analysis (NG SAST), including new workflows, purpose-built for developers that significantly improve security, while enhancing productivity.
Idera announced new integration capabilities between its Assembla and Kiuwan products.
The integration allows development teams on Assembla to “shift left” and further secure their software development lifecycle by automatically scanning code in their Assembla repositories with Kiuwan’s enterprise-grade application security testing engine.
Kiuwan provides an enterprise-grade, end-to-end, non-localized static code analysis (SAST) and code quality analysis (QA) platform. The Assembla-Kiuwan integration leverages Kiuwan’s SAST scanning engine to identify potential vulnerabilities and security threats in code, with the capability to scan more than 30+ languages, technologies, and frameworks.
Issues detected during weekly scans are automatically highlighted and recorded in a user’s Assembla code commit history, enabling them to drill down for further analysis without leaving the repository.
“Until now, Assembla users either weren’t doing any scanning at all, or they were using separate scanning tools that increased the potential for error in identifying and resolving vulnerabilities,” said Robert Warmack, GM of Assembla. “Similarly, Kiuwan customers had to use a different system to securely store their source code, and spend time manually configuring the connection between the two systems to automate scanning. This integration pushes the envelope on the DevSecOps playbook, combining the premium capabilities of two world-class enterprise software development and security products.”
To enable scanning, Assembla users navigate to the Security Scan Results tab within their repository and check the “weekly code scan” box to turn the Kiuwan scanner ON. Once a week, the scanner will scan the code repository within the repository tool for potential vulnerabilities and security threats, and alert the user to any issues from within the Assembla repository tool.
All Assembla customers get access to five free vulnerabilities in each weekly scan. Teams with active subscriptions to both Kiuwan and Assembla receive unlimited results from the Kiuwan scanner while gaining access to Kiuwan’s powerful business analytics, flexible and comprehensive scanning settings, and notifications directly from the Kiuwan dashboard.
Kiuwan users can access this capability by starting a new trial account with Assembla and enabling the integration between Assembla and Kiuwan from their Assembla Integrations settings.