Opsera announced that two new patents have been issued for its Unified DevOps Platform, now totaling nine patents issued for the cloud-native DevOps Platform.
Red Hat announced Red Hat Trusted Software Supply Chain, a solution that enhances resilience to software supply chain vulnerabilities.
As part of this solution, two new cloud services, Red Hat Trusted Application Pipeline and Red Hat Trusted Content, are joining in preview mode the existing Red Hat software and cloud services, including Quay and Advanced Cluster Security (ACS), to advance the successful adoption of DevSecOps practices, and embed security into the software development lifecycle.
With Red Hat Trusted Software Supply Chain, customers can more quickly and efficiently code, build and monitor their software using proven platforms, trusted content and real-time security scanning and remediation. The solution builds on Red Hat’s 30+ years of customer and industry trust, earned by consistently delivering hardened open source solutions that make it easier for enterprises to accelerate hybrid cloud adoption while still retaining an effective IT security posture.
The software and services delivered as part of Red Hat Trusted Software Supply Chain enhance an organization’s resilience to vulnerabilities across the modern software development lifecycle. Red Hat Trusted Content builds on a foundation of security-enhanced systems software, with thousands of trusted packages in Red Hat Enterprise Linux alone and a catalog of critical application runtimes across Java, Node, and Python ecosystems. The service provides customers with enterprise-hardened trusted content and knowledge about the open-source packages in customer applications.
The basis for Red Hat Trusted Application Pipeline comes from Red Hat’s work in the creation, launch and maintenance of sigstore, which provides a freely-available standard for cloud-native secure signing, as well as providing critical pieces of shared security infrastructure to many upstream communities. Trusted Application Pipeline offers a security-forward Continuous Integration/Continuous Delivery (CI/CD) service that simplifies the adoption of the processes, technologies and expertise that Red Hat uses to build production software.
Available as a service preview in the coming weeks, Red Hat Trusted Content will provide developers with real-time knowledge of known vulnerabilities and security risks within their open source software dependencies. The service will also suggest available remediations to minimize risks, helping to reduce development time and cost. Red Hat Trusted Content provides access to Red Hat-built and -curated open source software content, with provenance and attestation, using Red Hat's internal best practices. Once an application is in production, the service proactively monitors and alerts users of known new and emerging risks in their open source dependencies, allowing for quicker remediation of emerging threats.
Red Hat Trusted Application Pipeline, available as a service preview now, helps customers enhance the security of application software supply chains with an integrated CI/CD pipeline. Applications can be more effectively built and more easily integrated into Linux containers and then deployed onto Red Hat OpenShift or other Kubernetes platforms with just a few clicks.
With Red Hat Trusted Application Pipeline, Red Hat customers can:
- Import git repositories and configure container-native continuous build, test, and deployment pipelines via a cloud service in just a few steps;
- Inspect source code and transitive dependencies;
- Auto-generate Software Bills of Materials (SBOM) within builds; and
- Verify and promote container images via a release criteria policy engine that helps confirm consistency with industry frameworks like Supply chain Levels for Software Artifacts (SLSA).
Industry News
mabl announced the addition of mobile application testing to its platform.
Spectro Cloud announced the achievement of a new Amazon Web Services (AWS) Competency designation.
GitLab announced the general availability of GitLab Duo Chat.
SmartBear announced a new version of its API design and documentation tool, SwaggerHub, integrating Stoplight’s API open source tools.
Red Hat announced updates to Red Hat Trusted Software Supply Chain.
Tricentis announced the latest update to the company’s AI offerings with the launch of Tricentis Copilot, a suite of solutions leveraging generative AI to enhance productivity throughout the entire testing lifecycle.
CIQ launched fully supported, upstream stable kernels for Rocky Linux via the CIQ Enterprise Linux Platform, providing enhanced performance, hardware compatibility and security.
Redgate launched an enterprise version of its database monitoring tool, providing a range of new features to address the challenges of scale and complexity faced by larger organizations.
Snyk announced the expansion of its current partnership with Google Cloud to advance secure code generated by Google Cloud’s generative-AI-powered collaborator service, Gemini Code Assist.
Kong announced the commercial availability of Kong Konnect Dedicated Cloud Gateways on Amazon Web Services (AWS).
Pegasystems announced the general availability of Pega Infinity ’24.1™.
Sylabs announces the launch of a new certification focusing on the Singularity container platform.
OpenText™ announced Cloud Editions (CE) 24.2, including OpenText DevOps Cloud and OpenText™ DevOps Aviator.
Postman announced its acquisition of Orbit, the community growth platform for developer companies.