Parasoft announces the opening of its new office in Northeast Ohio.
Tripwire Debuts Container Analyzer Service
April 16, 2018
Tripwire announced the debut of its Container Analyzer Service, a DevOps solution for scanning vulnerabilities in the build phase, now available for beta customers.
The early access program for Tripwire’s Container Analyzer Service now embeds security at the beginning of the DevOps process. During the build phase, it can be used to perform complete vulnerability analysis of Docker images, systematically approving images or preventing further use of them.
"With the new Container Analyzer Service, Tripwire helps address security needs throughout the entire DevOps life cycle – from build to production," said Tim Erlin, VP of Product Management and Strategy at Tripwire. "It's critical that security controls work at the speed of DevOps, and we're excited to provide security teams with the tools that help them address the continuous and rapid release of new applications and services.”
Images are built earlier in the DevOps process and are the basis for building a container – a runtime instance of an image. The Container Analyzer Service combines with continuous integration (CI) and continuous deployment (CD) tools to perform vulnerability scanning at each layer of the Docker image.
This new capability builds upon Tripwire's existing capabilities for scanning online, offline and non-running Docker containers later in the DevOps life cycle. Scanning for vulnerabilities throughout the life cycle is important as change happens frequently and rapidly through the DevOps process.
In addition to delivering this enhanced visibility into vulnerabilities, Tripwire also provides integration with the DevOps toolchain for initiating scans, securing the build pipeline infrastructure, and monitoring for changes throughout the continuous deployment life cycle.
Industry News
May 02, 2024
Postman released v11, a significant update that speeds up development by reducing collaboration friction on APIs.
May 02, 2024
Sysdig announced the launch of the company’s Runtime Insights Partner Ecosystem, recognizing the leading security solutions that combine with Sysdig to help customers prioritize and respond to critical security risks.
May 02, 2024
Nokod Security announced the general availability of the Nokod Security Platform.
May 02, 2024
Drata has acquired oak9, a cloud native security platform, and released a new capability in beta to seamlessly bring continuous compliance into the software development lifecycle.
May 01, 2024
Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
May 01, 2024
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
May 01, 2024
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
May 01, 2024
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
May 01, 2024
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
April 30, 2024
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
April 30, 2024
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
April 30, 2024
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
April 29, 2024
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
April 29, 2024
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.
