CloudBees announced the acquisition of ReleaseIQ to expand the company’s DevSecOps capabilities, empowering customers with a low-code, end-to-end release orchestration and visibility solution.
Sysdig announced ToDo and Remediation Guru.
ToDo is a cloud security posture management (CSPM) offering that aggregates security findings by root cause and prioritizes remediation based on impact. ToDo saves time during investigations and Remediation Guru allows security and DevOps teams to fix issues in seconds with just a few clicks.
With Sysdig, security teams can rapidly find, prioritize, and remediate security issues. ToDo aggregates risks that have the same root cause and provides opinionated prioritization that reduces time spent on investigation. However, teams not only need help identifying the risks and focusing their attention on what matters, but they also need assistance implementing the fixes. Remediation Guru automatically generates the suggested change to IaC templates that can be applied with a single click so teams can get back to revenue-generating work. Because Sysdig has a shared policy model, teams can efficiently and consistently enforce policy across multiple cloud and Kubernetes environments.
- Manage cloud and Kubernetes inventory with a single view: Teams gain visibility into cloud assets across hybrid- and multi-cloud environments.
- Prioritize what matters with ToDo: ToDo prioritizes actions that remediate the greatest number of issues by consolidating based on root cause and impact.
- Save time using Remediation Guru to fix configuration risks: Remediation Guru enables teams to fix at the source by approving automatically generated pull requests that map misconfigurations in production to IaC manifests.
- Adopt a shared policy model leveraging OPA: Sysdig helps teams apply security policies using Open Policy Agent (OPA) policy-as-code once across multiple cloud and Kubernetes environments. Teams get a unified view of security requirements from source to production, and can easily create custom OPA-based policies with a few clicks.
“It is the worst kept secret in cloud that security tools often overwhelm teams with useless alerts that are not actionable,” said Omer Azaria, VP Security Engineering at Sysdig. “Customers cannot wait to get their hands on ToDo prioritization and Remediation Guru, tools that group issues and guide you to take the most impactful actions to improve security posture. For example, 'making this change to your IAC manifest file will cause 100 resources to pass a failing compliance control.'"