ZeroNorth Delivers New Capabilities to Rapidly Identify, Prioritize and Remove Vulnerabilities
October 08, 2020

ZeroNorth announced new innovative capabilities for its SaaS-based application security automation and orchestration platform.

With these new capabilities, the ZeroNorth platform aims to remove friction between security and DevOps teams by making security integral and transparent within the software development life cycle. By doing so, ZeroNorth empowers developers to deliver the secure software required to drive business growth.

The new features include application portfolio reports and support for additional application scanning tools and toolchain integrations, such as Scout Suite, Aqua Trivy, Gitlab and BitBucket Server. These capabilities are ideally suited for organizations with distributed business lines and DevOps teams that are striving to gain a competitive edge in the current economic climate.

“The shift to DevOps means that both Security and Development must now play a critical role in the delivery of secure software,” said Christian J. van den Branden, SVP, Engineering & Product Management at ZeroNorth. “The ZeroNorth platform seamlessly integrates security throughout the software development lifecycle, empowering the Security team to own the enforcement of standards and reporting while liberating the development team to deliver secure software faster and more easily.”

The new Application Portfolio report highlights the security policies applied to each application, scan results and progress of remediation work, and enables users to drill down from the big picture into details on a more granular level. This visibility ensures the CISO gains a holistic view of risk, while product security and engineering teams can implement application security based on the line of business (LOB) needs.

ZeroNorth makes application security programs transparent and friction free for developers so they can develop secure applications without changing their workflows or being flooded with non-priority tickets. To this end, the ZeroNorth platform is enhancing its roster of leading commercial and open source application security tools with support for Scout Suite, an open source multi-cloud security-auditing tool which enables security posture assessment of cloud environments, and Aqua Trivy, a comprehensive open source vulnerability scanner for container images.

ZeroNorth is also expanding its DevOps toolchain integrations to further support development agility. With this new release, the ZeroNorth platform automatically integrates with, and can scan the contents of BitBucket Server and GitLab source code repositories including branches within both GitLab and GitHub repositories.

"Security teams struggle to keep pace with development, and historically, DevOps teams have neglected security to their peril. With disparate tools clouding the landscape, organizations have left themselves open to attack because of the lack of integration and scant visibility across hybrid environments,” commented Jim Mercer, Research Director at IDC. “The application security and risk management capabilities of the ZeroNorth platform provide a compelling value proposition to help DevOps teams optimize their DevSecOps effectiveness while improving velocity and reducing risk."

ZeroNorth includes key new features that focus on providing greater flexibility to security and development teams, helping them deliver applications at greater velocity, including:

- Customization of vulnerability data compression parameters, such as name and type of vulnerabilities, libraries included etc.

- Customization of alerts to meet the needs of the DevOps process and support data-driven business decisions in real time.

All new features and enhancements are generally available in the ZeroNorth platform.

Share this

Industry News

March 28, 2024

Check Point® Software Technologies Ltd. announced a collaboration with Microsoft that utilizes the Microsoft Azure OpenAI Service to enhance Check Point Infinity AI Copilot, marking a significant advancement in cyber security AI applications.

March 28, 2024

ArmorCode announced ArmorCode Risk Prioritization, providing a 3D scoring approach for managing application security risks.

March 28, 2024

AppViewX and Fortanix announced a partnership to offer cloud-delivered secure digital identity management and code signing.

March 27, 2024

WaveMaker has updated its platform in response to customer demand for more sophisticated API and code management tools.

March 27, 2024

Vercara announced the launch of UltraAPI™, a product suite that protects APIs and web applications from malicious bots and fraudulent activity while ensuring regulatory compliance.

March 27, 2024

Legit Security announced the launch of its standalone enterprise secrets scanning product, which can detect, remediate, and prevent secrets exposure across the software development pipeline.

March 26, 2024

Progress announced a strategic partnership with Veeam® Software, the #1 leader by market share in Data Protection and Ransomware Recovery, to provide customers with an enterprise-ready cyber defense solution that strengthens the security of their business-critical data.

March 26, 2024

GitGuardian released its Software Composition Analysis (SCA) module.

March 26, 2024

DataStax announced a milestone in its journey to simplify enterprise retrieval-augmented generation (RAG) for developers by integrating with Microsoft Semantic Kernel.

March 25, 2024

Check Point® Software Technologies Ltd. is collaborating with NVIDIA to enhance the security of AI cloud infrastructure. Integrating NVIDIA BlueField DPUs, which feature a broad range of purpose-built, innovative security capabilities, the new Check Point AI Cloud Protect solution will help prevent threats at both the network and host levels.

March 25, 2024

Sentry announced the release of Autofix, an AI-powered feature to debug and fix code in minutes, saving important time and resources.

March 25, 2024

Apiiro announced a product integration and partnership with Secure Code Warrior, the agile developer security training platform, to extend its ASPM technology and processes to the people layer.

March 21, 2024

Progress announced that Progress® Semaphore™, its metadata management and semantic AI platform, was named a Champion in SoftwareReviews’ 2024 Metadata Management Emotional Footprint Awards.

March 21, 2024

The Cloud Native Computing Foundation® (CNCF®) has partnered with Udemy, an online skills marketplace and learning platform.

March 21, 2024

GitLab has acquired Oxeye, the provider of a cloud-native application security and risk management solution.