XebiaLabs Launches New DevOps Risk and Compliance Capability for Software Releases
January 14, 2019

XebiaLabs launched an advanced chain of custody, security and compliance risk assessment tracking for software releases available for enterprise software delivery.

According to Derek Langone, CEO of XebiaLabs: “To effectively manage software delivery at enterprise scale, DevOps teams need a way to accurately manage and report on the ‘chain of custody’ and other compliance requirements throughout the software delivery pipeline. It’s also vital for them to have visibility into the risk of release failures or security issues as early in the release process as possible. That’s when development teams can address issues the quickest without impacting the business.”

The XebiaLabs DevOps Platform provides a single pane of glass for technical and business stakeholders to track the release chain of custody across the end-to-end CI/CD toolchain, from code to production. And, with instant visibility into security and compliance issues, teams can take action to ensure that release failure risks, security vulnerabilities, and IT governance violations are resolved early in the software delivery cycle.

XebiaLabs’ latest features for chain of custody, security, and compliance include:

- Enhanced chain of custody reporting that offers a new all-in-one deployment dashboard. This dashboard provides a detailed view into what is being deployed, who is deploying it, and what the deployment status is—no matter which deployment tools are being used or what type of environments are being targeted, whether on premise or private, public, or hybrid cloud. Developers, release managers, and compliance staff can immediately see what is deployed where and track deployments back to feature development and delivery.

- New security risk dashboard for software releases that combines automated risk assessment for software delivery pipelines with detailed security and compliance information from commonly used tools such as Black Duck, Fortify, SonarQube, and Checkmarx. Visualizing security risk helps teams shift security and compliance activity left, so they can detect application vulnerabilities earlier and address them during development—before those vulnerabilities make it to production.

- New at-a-glance compliance overviews that summarize IT governance violations for common standards such as OWASP, PCI 3.2, and CWE/SANS. Compliance scanning activity and rule violations are presented in an easy to digest format that makes sense for technical, business, and compliance teams who are part of the software delivery process.

The XebiaLabs Deployment dashboard and Security and Compliance dashboard are available now.

Share this

Industry News

October 03, 2023

Parasoft announced new advancements in its Continuous Quality Platform for functional solutions, which include Parasoft Virtualize, SOAtest, CTP, and DTP.

The latest releases introduce capabilities including:

- GenAI integration for API testing

- Comprehensive microservices code coverage

- Web accessibility testing

- Powerful learning mode for creating and updating virtual assets

These innovations are set to transform the landscape of software testing for enterprise application development and test teams.

October 03, 2023

LinearB announced the release of free DORA Metrics dashboards.

October 03, 2023

PerfectScale, a provider of Kubernetes optimization, has successfully closed $7.1 million in seed funding.

October 02, 2023

Spectro Cloud announced Palette EdgeAI to simplify how organizations deploy and manage AI workloads at scale across simple to complex edge locations, such as retail, healthcare, industrial automation, oil and gas, automotive/connected cars, and more.

September 28, 2023

Kong announced Kong Konnect Dedicated Cloud Gateways, the simplest and most cost-effective way to run Kong Gateways in the cloud fully managed as a service and on enterprise dedicated infrastructure.

September 28, 2023

Sisense unveiled the public preview of Compose SDK for Fusion.

September 28, 2023

Cloudflare announced Hyperdrive to make every local database global. Now developers can easily build globally distributed applications on Cloudflare Workers, the serverless developer platform used by over one million developers, without being constrained by their existing infrastructure.

September 27, 2023

Kong announced full support for Kong Mesh in Konnect, making Kong Konnect an API lifecycle management platform with built-in support for Kong Gateway Enterprise, Kong Ingress Controller and Kong Mesh via a SaaS control plane.

September 27, 2023

Vultr announced the launch of the Vultr GPU Stack and Container Registry to enable global enterprises and digital startups alike to build, test and operationalize artificial intelligence (AI) models at scale — across any region on the globe. \

September 27, 2023

Salt Security expanded its partnership with CrowdStrike by integrating the Salt Security API Protection Platform with the CrowdStrike Falcon® Platform.

September 26, 2023

Progress announced a partnership with Software Improvement Group (SIG), an independent technology and advisory firm for software quality, security and improvement, to help ensure the long-term maintainability and modernization of business-critical applications built on the Progress® OpenEdge® platform.

September 26, 2023

Solace announced a new version of its Solace Event Portal solution that gives organizations with Apache Kafka deployments better visibility into, and control over, their Kafka event streams, brokers and associated assets.

September 26, 2023

Reply launched a proprietary framework for generative AI-based software development, KICODE Reply.

September 26, 2023

Harness announced the industry-wide Engineering Excellence Collective™, an engineering leadership community.

September 25, 2023

Harness announced four new product modules on the Harness platform.