GitLab announced the launch of GitLab 18, including AI capabilities natively integrated into the platform and major new innovations across core DevOps, and security and compliance workflows that are available now, with further enhancements planned throughout the year.
New Relic launched new capabilities for New Relic IAST (Interactive Application Security Testing), including proof-of-exploit reporting for application security testing.
New Relic customers can now identify exploitable vulnerabilities with an ability to reproduce the problem and remediate the specific threat vector before shipping new code. This enables security and engineering teams to focus on real application security problems with zero false positives, as validated by the OWASP benchmark result of 100% accuracy.
“Security must be ingrained in the development culture, not just added on. New Relic IAST offers engineering and IT teams the ability to identify real application security risks with the same platform they use to monitor application performance,” said New Relic Chief Product Officer Manav Khurana. “It strengthens DevSecOps by bringing developers and security teams together to write secure code that defends against the threats of tomorrow and promotes a proactive stance on security. For well over a decade, the New Relic full-stack observability platform has bridged organizational silos by providing a single, trusted source of truth and unified user workflows – and now New Relic IAST furthers this mission.”
New updates include:
- Proof-of-exploit reporting: Find, fix, and verify exploitable vulnerabilities with dynamic assessment capabilities that pinpoint the API calls, method calls, and traces with vulnerabilities by simulating real-world attacks.
- Secure by design: The new risk exposure and assessment feature provides visibility into every code change showing potential vs. detected exposures so developers can quickly replicate, remediate, and validate fixes.
- Instant ROI: New Relic IAST is the only application security solution available out of the box in a full consumption model, so users no longer pay for security shelfware that can take months to deploy.
- Instant Impact Analysis: Know the number of applications impacted by a vulnerability and the potential severity of the identified risk with APM telemetry integrated with vulnerability management.
IAST is native to the New Relic all-in-one observability platform, which eliminates the need for additional agents, and it is now generally available in a usage-based pricing model.
Industry News
Perforce Software is partnering with Siemens Digital Industries Software to transform how smart, connected products are designed and developed.
Reply launched Silicon Shoring, a new software delivery model powered by Artificial Intelligence.
CIQ announced the tech preview launch of Rocky Linux from CIQ for AI (RLC-AI), an operating system engineered and optimized for artificial intelligence workloads.
The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the launch of the Cybersecurity Skills Framework, a global reference guide that helps organizations identify and address critical cybersecurity competencies across a broad range of IT job families; extending beyond cybersecurity specialists.
CodeRabbit is now available on the Visual Studio Code editor.
The integration brings CodeRabbit’s AI code reviews directly into Cursor, Windsurf, and VS Code at the earliest stages of software development—inside the code editor itself—at no cost to the developers.
Chainguard announced Chainguard Libraries for Python, an index of malware-resistant Python dependencies built securely from source on SLSA L2 infrastructure.
Sysdig announced the donation of Stratoshark, the company’s open source cloud forensics tool, to the Wireshark Foundation.
Pegasystems unveiled Pega Predictable AI™ Agents that give enterprises extraordinary control and visibility as they design and deploy AI-optimized processes.
Kong announced the introduction of the Kong Event Gateway as a part of their unified API platform.
Azul and Moderne announced a technical partnership to help Java development teams identify, remove and refactor unused and dead code to improve productivity and dramatically accelerate modernization initiatives.
Parasoft has added Agentic AI capabilities to SOAtest, featuring API test planning and creation.
Zerve unveiled a multi-agent system engineered specifically for enterprise-grade data and AI development.
LambdaTest, a unified agentic AI and cloud engineering platform, has announced its partnership with MacStadium(link is external), the industry-leading private Mac cloud provider enabling enterprise macOS workloads, to accelerate its AI-native software testing by leveraging Apple Silicon.
Tricentis announced a new capability that injects Tricentis’ AI-driven testing intelligence into SAP’s integrated toolchain, part of RISE with SAP methodology.