ZeroNorth Delivers New Capabilities to Rapidly Identify, Prioritize and Remove Vulnerabilities
October 08, 2020

ZeroNorth announced new innovative capabilities for its SaaS-based application security automation and orchestration platform.

With these new capabilities, the ZeroNorth platform aims to remove friction between security and DevOps teams by making security integral and transparent within the software development life cycle. By doing so, ZeroNorth empowers developers to deliver the secure software required to drive business growth.

The new features include application portfolio reports and support for additional application scanning tools and toolchain integrations, such as Scout Suite, Aqua Trivy, Gitlab and BitBucket Server. These capabilities are ideally suited for organizations with distributed business lines and DevOps teams that are striving to gain a competitive edge in the current economic climate.

“The shift to DevOps means that both Security and Development must now play a critical role in the delivery of secure software,” said Christian J. van den Branden, SVP, Engineering & Product Management at ZeroNorth. “The ZeroNorth platform seamlessly integrates security throughout the software development lifecycle, empowering the Security team to own the enforcement of standards and reporting while liberating the development team to deliver secure software faster and more easily.”

The new Application Portfolio report highlights the security policies applied to each application, scan results and progress of remediation work, and enables users to drill down from the big picture into details on a more granular level. This visibility ensures the CISO gains a holistic view of risk, while product security and engineering teams can implement application security based on the line of business (LOB) needs.

ZeroNorth makes application security programs transparent and friction free for developers so they can develop secure applications without changing their workflows or being flooded with non-priority tickets. To this end, the ZeroNorth platform is enhancing its roster of leading commercial and open source application security tools with support for Scout Suite, an open source multi-cloud security-auditing tool which enables security posture assessment of cloud environments, and Aqua Trivy, a comprehensive open source vulnerability scanner for container images.

ZeroNorth is also expanding its DevOps toolchain integrations to further support development agility. With this new release, the ZeroNorth platform automatically integrates with, and can scan the contents of BitBucket Server and GitLab source code repositories including branches within both GitLab and GitHub repositories.

"Security teams struggle to keep pace with development, and historically, DevOps teams have neglected security to their peril. With disparate tools clouding the landscape, organizations have left themselves open to attack because of the lack of integration and scant visibility across hybrid environments,” commented Jim Mercer, Research Director at IDC. “The application security and risk management capabilities of the ZeroNorth platform provide a compelling value proposition to help DevOps teams optimize their DevSecOps effectiveness while improving velocity and reducing risk."

ZeroNorth includes key new features that focus on providing greater flexibility to security and development teams, helping them deliver applications at greater velocity, including:

- Customization of vulnerability data compression parameters, such as name and type of vulnerabilities, libraries included etc.

- Customization of alerts to meet the needs of the DevOps process and support data-driven business decisions in real time.

All new features and enhancements are generally available in the ZeroNorth platform.

Share this

Industry News

October 29, 2020

Cisco announced new software-delivered solutions designed to simplify IT operations across on-premise data centers and multicloud environments.

October 29, 2020

Bugsnag announced availability of user stability analytics, which will help developers gain a clearer understanding of how application errors are impacting the user experience and other key performance indicators (KPIs) for the business, as well as offer insights on whether to fix bugs or build new features.

October 29, 2020

HAProxy Technologies announced an open-source release of a VMware Open Virtual Appliance (OVA) virtual machine image of the HAProxy load balancer for vSphere, which HAProxy Technologies will maintain on GitHub.

October 28, 2020

Progress announced a number of new innovations designed to facilitate adoption and at-scale deployment of Chef offerings for both new and experienced users of the DevSecOps portfolio.

October 28, 2020

StackRox announced the release of KubeLinter, its new open source static analysis tool to identify misconfigurations in Kubernetes deployments.

October 28, 2020

Vercel announced Next.js 10 featuring a number of new capabilities that accelerate frontend developers’ ability to enrich end users’ web experiences globally.

October 27, 2020

ThinkTank has released a suite of applications designed to keep distributed agile teams aligned and engaged, regardless of physical location.

October 27, 2020

Cloudify, a Service Orchestration and Automation Platform, announced its latest 5.1 product release which aims to take one step further to permanently remove silos and roadblocks that are consistently associated with migration to the public cloud.

October 27, 2020

WhiteSource announced its new native integration for Microsoft Azure DevOps services.

October 26, 2020

NetApp unveiled a new serverless and storageless solution for containers from Spot by NetApp, a new autonomous hybrid cloud volume platform, and cloud-based virtual desktop solutions.

October 26, 2020

GeneXus released GeneXus 17, a new version of its platform that empowers enterprises to create and evolve new applications at unprecedented speed.

October 26, 2020

Alcide announced the company’s security solutions are now integrated with AWS Security Hub, sending real-time threat intelligence and compliance information to Amazon Web Services (AWS) for easy consumption by Security and DevSecOps teams.

October 22, 2020

Puppet announced Puppet Comply, a new product built to work with Puppet Enterprise aimed at assessing, remediating, and enforcing infrastructure configuration compliance policies at scale across traditional and cloud environments.

October 22, 2020

Harness announced two new modules: Continuous Integration Enterprise and Continuous Features.

October 22, 2020

Render announced automatic preview environments which are essential for rapid and collaborative development of modern applications.