JFrog announced the launch of ChartCenter, a free, security-focused central repository of Helm charts for the community.
Lacework announced the addition of build-time security capabilities to complement existing run-time platform for cloud, container and hybrid environments.
With this update, the Lacework Complete Security Platform will "shift left" to provide complete security and compliance visibility across the entirety of an enterprise's infrastructure footprint -- from development to runtime, and for cloud, container, bare metal, and hybrid environments.
This move comes as more organizations adopt DevOps and a Continuous Integration and Continuous Delivery (CI/CD) approach to application development and delivery in order to rapidly scale to meet business demands. The desire to move quickly creates security gaps that can lead to data leaks, ransomware, crypto mining, and a variety of other types of issues that can leave an organization's data exposed and vulnerable. Lacework now provides the most complete security platform across build-time and run-time environments so developers can apply a diversity of tools to enable productivity and speed in an effort to meet changing business needs.
"Customers can't effectively secure complex environments with a stack of security tools," said Dan Hubbard, CEO of Lacework. "Shifting left is about integrating security into every aspect of the lifecycle of cloud-native workloads, irrespective of where they are developed and deployed. Enterprises move quickly and they require a solution that is complete, continuous and automated."
The addition of DevOps security into the Lacework Complete Security Platform means that enterprises can leverage a single solution that can identify security vulnerabilities and threats throughout the data and application lifecycle. As attackers seek to exploit weaknesses within infrastructures as they grow in surface area, the Lacework Complete Security Platform will provide unique visibility, immediate threat detection, and remediation capabilities.
"The market today offers a variety of point solutions to address security needs of specific elements of the IT infrastructure – such as cloud compliance, network endpoints, application orchestration, or vulnerability detection, among others -- or rely on a rules-based approach to configuration validation and other security requirements," continued Hubbard. "We will apply our unique intrusion detection approach to detect behavioral anomalies for all DevOps, cloud, and container configurations and events."