Lightspin Integrates with GitHub
April 25, 2022

Lightspin announced an integration with GitHub that will allow organizations to scan their Infrastructure as Code (IaC) files to proactively prevent code with misconfigurations from being deployed.

By detecting and fixing security issues before they are deployed to the cloud, Lightspin helps organizations embrace a "shift left" approach to security.

Shifting security left is a growing trend that requires organizations to detect security issues earlier in the software development life cycle. Lightspin helps security and DevOps teams to better understand the security posture of their repositories while saving time and more efficiently using technical resources.

"As IaC adoption soars, it's increasingly important for organizations to understand the security risks and complexities that go along with it," said Or Azarzar, CTO and Co-founder of Lightspin. "Misconfigured code and over permissive identities introduced into production can prove to be costly for security teams. Scanning IaC files proactively to prevent these issues from ever being deployed gives organizations peace of mind that they have protected their cloud environment."

Lightspin integrates via a GitHub application to scan repositories for security issues, then prioritizes an organization's repositories based on detected security findings. Once complete, a security or DevOps team can easily view the findings of each file, folder, or repository. Additionally, Lightspin provides an impact log to help teams track changes to their repositories, scanning all pull requests and highlighting the changes that had the biggest impact on their security posture. Security teams can review the details of the pull request to better understand the context.

The GitHub integration is available globally to Lightspin customers at no additional cost. To scan IaC files, users simply install the GitHub app on their repositories.

Share this

Industry News

June 27, 2022

Delinea announced the latest release of DevOps Secrets Vault.

June 27, 2022

Jit announced a $38.5 million seed funding round and launched a free beta version which automates product security.

June 27, 2022

Platform.sh raised $140 million in Series D funding.

June 23, 2022

Akana by Perforce now offers BlazeMeter to customers, previously a solution with Broadcom Layer7.

June 23, 2022

Coder announced the release of a new open source project that gives developers and data scientists a consistent, secure, yet flexible way to create cloud workspaces in minutes.

June 23, 2022

GitGuardian is announcing a series of new features to address developer experience in securing the software development lifecycle.

June 22, 2022

OctoML released a major platform expansion to accelerate the development of AI-powered applications by eliminating bottlenecks in machine learning deployment.

June 22, 2022

Snow Software announced new functionality and integrations for Snow Atlas, a purpose-built platform that provides a framework to accelerate data-driven technology decision-making.

June 22, 2022

Traefik Labs launched Traefik Hub, a new cloud service that eliminates the complexity of management and automation of Kubernetes and Docker networking at scale.

June 21, 2022

The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the new Open Programmable Infrastructure (OPI) Project.

June 21, 2022

Docker announced the acquisition of Atomist, a company founded to improve developer productivity and keep cloud native applications safe.

June 21, 2022

SmartBear released BitBar, an all-in-one web and native mobile app testing solution.

June 16, 2022

Armory announced general availability of Armory Continuous Deployment-as-a-Service.

June 16, 2022

Infragistics announced the launch of App Builder On-Prem.

June 16, 2022

LambdaTest launched Test-at-Scale (TAS), a test intelligence and observability platform, to help development teams with shift-left testing.