Rezilion Integrates With GitLab
March 23, 2022

Rezilion announced an integration with GitLab.

Deployed in minutes, this native integration with GitLab CI eliminates an organization's vulnerability backlog by 70% and reduces remediation from months to days while addressing 100% of exploitable risk.

Driven by digital transformation, product organizations are innovating faster and pushing large quantities of code daily. In the past, DevSecOps teams were not equipped with critically-needed automation tools to detect, prioritize, and address security risks. GitLab surfaces potential vulnerabilities within the CI pipeline yet developers may spend time patching vulnerabilities that don't pose an actual risk. By using Rezilion in GitLab CI, customers can understand which vulnerabilities are loaded to memory and executed in runtime. This ability means they can focus on true risks instead of focusing on vulnerabilities that are not exploitable.

Adding Rezilion to GitLab CI takes minutes. It seamlessly integrates into developers' existing workflows and reduces the time they have to spend to address vulnerabilities in the Software Development Life Cycle (SDLC). As code is tested and scanned for vulnerabilities developers can now see within their Gitlab UI which vulnerabilities require their attention while non-exploitable vulnerabilities are marked as "false positives" that shouldn't hold back releases. Additionally, customers can get a clear view of all the software components in use with Rezilion's dynamic Software Bill of Materials (SBOM) to understand which software components are vulnerable in the specific runtime context of their environment.

"... This partnership helps to reduce the time joint customers spend on security issues enabling them to address risk earlier in the development process which aligns to GitLab's shift left ethos of delivering secure products faster." said Mike LeBeau, Alliance Manager at GitLab.

With Rezilion's enhanced runtime vulnerability validation technology, the GitLab integration extends developers, DevSecOps, DevOps, and security teams' continuous view of their actual attack surface and allows them to prioritize their remediation efforts on the vulnerabilities and weaknesses that matter the most.

The Rezilion-GitLab integration offers customers the following key features and benefits:

- As much as 70% reduction in false positives and patching efforts by automatically prioritizing which vulnerabilities are exploitable and which are not across GitLab CI pipelines.

- Reduction of remediation timelines from months to days by integrating directly in the development workflow, customers can address real threats promptly.

- Actionable insights within the GitLab UI. Non-exploitable vulnerabilities are marked as "false positives" and can be dismissed, while issues can be easily assigned to fix the exploitable ones.

- A dynamic SBOM that identifies all the software components, including open source components and their exploitability status for a quick view of their risk.

"Joining forces with GitLab provides customers with the first real opportunity to experience GitLab's true, integrated security without friction," said Liran Tancman, Co-Founder and CEO, of Rezilion, Inc. "Together, we're providing our customers with an enhanced solution that helps them not only test and secure builds as a part of a more fluid workflow, but also removes some of the noise, allowing them to focus on security and speed."

Share this

Industry News

September 27, 2022

DevOps Institute will host SKILup Festival in Singapore on November 15, 2022.

September 27, 2022

Delinea announced the latest release of DevOps Secrets Vault, its high-speed vault for DevOps and DevSecOps teams.

September 27, 2022

The Apptainer community announced version 1.1.0 of the popular container system for secure, high-performance computing (HPC). Improvements in the new version provide a smaller attack surface for production deployments while offering features that improve and simplify the user experience.

September 26, 2022

Secure Code Warrior unveiled Coding Labs, a new mechanism that allows developers to more easily move from learning to applying secure coding knowledge, leading to fewer vulnerabilities in code.

September 26, 2022

ActiveState announced the availability of the ActiveState Artifact Repository.

September 26, 2022

Split Software announced the availability of its Feature Data Platform in the Microsoft Azure Marketplace.

September 22, 2022

Katalon announced the launch of the Katalon Platform, a modern and comprehensive software quality management platform that enables teams of any size to easily and efficiently test, launch, and optimize apps, products, and software.

September 22, 2022

StackHawk announced its Deeper API Security Test Coverage release.

September 21, 2022

Platform9 announced the launch of its latest open source project, Arlon.

September 21, 2022

Redpanda Data announced Redpanda Console.

September 21, 2022

mabl announced its availability as a private listing on Google Cloud Marketplace.

September 21, 2022

Zesty announced a $75 million Series B funding round led by B Capital and Series A investor Sapphire Ventures.

September 20, 2022

Opsera, the Continuous Orchestration platform for DevOps, announced a free trial of its no-code Salesforce Release Management platform for fast and secure Salesforce releases.

September 20, 2022

Sysdig announced ToDo and Remediation Guru.

September 20, 2022

AutoRABIT announced CodeScan Shield.