Oracle is making its popular APEX low-code development platform available as a managed cloud service that developers can use to build data-driven enterprise applications quickly and easily.
Sonatype and NeuVector announced a new integration that provides a comprehensive view of all Kubernetes and Container open source risk in one place.
With NeuVector’s container vulnerability scanning integrated directly into Sonatype’s Nexus Lifecycle, users will be able to use Nexus Lifecycle’s unrivaled policy engine to set detailed parameters to generate a complete software bill of materials, with a single view of any associated risk. This integration further enables accurate identification and detailed remediation guidance for application-level vulnerabilities and virtual patching to protect production workloads that contain vulnerabilities.
“As container security becomes mission critical to DevSecOps, it’s vital that organizations aren’t just “checking-the-box” within an SCA solution. Customers need a holistic approach to analyze, monitor and track the contents and runtime configurations of their containers to realize risk," said Brian Fox, CTO and Co-founder of Sonatype. "This is why we are partnering with NeuVector and bringing its best-in-class capabilities to our customers. Combined with Nexus Lifecycle's policy engine, we will be providing one of the most robust, sustainable, and scalable solutions for containers."
“End-to-end container threat visibility and protection is vital to defending enterprises' micro-perimeters from increasingly sophisticated attacks and to ensure regulatory compliance,” said Gary Duan, CTO, NeuVector.
“By integrating these complementary technologies, DevOps teams are better equipped to comprehensively view security risks at-a-glance, introduce security policy as code, leverage virtual patching, and safeguard production workloads,” Duan added.