Kubiya.ai announces the launch of its DevOps Digital Agents.
Synopsys announced that on Feb. 18 it will release a major update to the Polaris Software Integrity Platform to extend its static application security testing (SAST) and software composition analysis (SCA) capabilities to the developer's desktop through the native integration of the Code Sight IDE plugin.
These capabilities, the first of their kind, will enable developers to proactively find and fix both security weaknesses in proprietary code and known vulnerabilities in open source dependencies simultaneously, without leaving their interactive development environment (IDE).
"In modern development environments, security testing needs to integrate seamlessly into the developer's workflow, but it also needs to cover both proprietary and third-party code," said Simon King, VP of Solutions at the Synopsys Software Integrity Group. "By providing real-time SAST and now SCA results together in the IDE, Synopsys enables developers to detect security defects in both their own code and the open source components they leverage – as they build their applications. Developers can fix problems in real time, avoiding the risks and loss of productivity when issues are allowed to go undetected for days, weeks, or even months after they've moved on to other tasks. With this release, the native integration of the Code Sight IDE plugin enables developers to build secure, high-quality software faster."
More about the new Code Sight IDE plugin:
- Building on the Code Sight SAST capabilities first introduced in 2019, this release introduces the ability to analyze declared and transitive open source dependencies, flagging components with known security issues alongside SAST findings in the IDE.
- With the new SCA capabilities, developers can review known vulnerabilities of flagged components to verify the risk and determine remediation options, all without leaving the IDE.
- The Code Sight plugin provides vulnerability information from Black Duck Security Advisories (BDSAs), researched by Synopsys, as well as public CVE records from the National Vulnerability Database (NVD).
- BDSAs provide developers with more timely, accurate, and thorough risk and remediation information than is available in the NVD, helping them find and fix vulnerabilities faster and more effectively than other solutions.
- The Code Sight plugin also helps developers quickly identify and select the best fix for vulnerabilities by providing detailed remediation guidance, directing them to more secure component versions. Developers can then implement fixes at once, without interrupting their workflow or leaving the IDE.
- In addition to vulnerability information, the Code Sight plugin provides other information developers can use to optimize component selection, including open source license risks and potential security and license compliance violations of the organization's predefined open source policies.
Industry News
Aviatrix® introduced Aviatrix Distributed Cloud Firewall for Kubernetes, a distributed cloud networking and network security solution for containerized enterprise applications and workloads.
Stride announces the general availability of Stride Conductor, its new autonomous coding product that transforms the software development landscape.
CircleCI unveiled CircleCI releases, which enables developers to automate the release orchestration process directly from the CircleCI UI.
Fermyon™ Technologies announces Fermyon Platform for Kubernetes, a WebAssembly platform for Kubernetes.
Akuity announced a new offer targeted at Enterprises and businesses where security and compliance are key.
New Relic launched new capabilities for New Relic IAST (Interactive Application Security Testing), including proof-of-exploit reporting for application security testing.
OutSystems announced AI Agent Builder, a new solution in the OutSystems Developer Cloud platform that makes it easy for IT leaders to incorporate generative AI (GenAI) powered applications into their digital transformation strategy, as well as govern the use of AI to ensure standardization and security.
Mirantis announced significant updates to Lens Desktop that makes working with Kubernetes easier by simplifying operations, improving efficiency, and increasing productivity. Lens 2024 Early Access is now available to Lens users.
Codezero announced a $3.5 million seed-funding round led by Ballistic Ventures, the venture capital firm dedicated exclusively to funding entrepreneurs and innovations in cybersecurity.
Prismatic launched a code-native integration building experience.
Check Point® Software Technologies Ltd. announced its Check Point Infinity Platform has been ranked as the #1 Zero Trust Platform in the latest Miercom Zero Trust Platform Assessment.
Tricentis announced the launch and availability of SAP Test Automation by Tricentis as an SAP Solution Extension.
Netlify announced the general availability of the AI-enabled deploy assist.
DataStax announced a new integration with Airbyte that simplifies the process of building production-ready GenAI applications with structured and unstructured data.