Critical RCE bug in GitLab patched, update ASAP! (CVE-2022-2884)
GitLab has fixed a remote code execution vulnerability (CVE-2022-2884) affecting the Community and the Enterprise Edition of its DevOps platform, and has urged admins to upgrade their GitLab instances immediately. The vulnerability was reported throu.....»»
Is security becoming a priority for DevOps teams?
GitLab released the results of its annual DevSecOps survey which highlights the continued prioritization of security and compliance, investment in toolchain consolidation, and the ongoing impacts of rapid DevOps adoption. The survey consisted of 5,00.....»»
Opsera unveils SaaS DevOps capabilities to improve agility and security posture for enterprises
Opsera has unveiled its enterprise-wide SaaS DevOps capabilities to manage and modernize software releases. It also announced a new study commissioned from Vernon Keenan, senior industry analyst at Salesforcedevops.net. The research affirms the need.....»»
How to manage the intersection of Java, security and DevOps at a low complexity cost
In this Help Net Security video, Erik Costlow, Senior Director of Product Management at Azul, talks about Java centric vulnerabilities and the headache they have become for developers everywhere. He touches on the need for putting security back into.....»»
Appdome ThreatScope brings attack and threat intelligence into the mobile DevOps CI/CD pipeline
Appdome released ThreatScope, a Mobile Security Operations Center (SOC) that’s integrated inside the Appdome DevSecOps build system. With ThreatScope, Appdome combines the power of mobile attack and threat data, telemetry, and intelligence with cli.....»»
Traceable AI adds eBPF to its security platform to improve observability and visibility into all API activity
Traceable AI adds extended Berkeley Packet Filter (eBPF) data to its platform. Traceable helps CISOs, DevSecOps, and DevOps teams obtain deeper observability and visibility into APIs without additional instrumentation or latency — advancing compani.....»»
Now is the time to focus on software supply chain security improvements
The shift to cloud-native development, along with the increased speed in development brought about by the adoption of DevOps processes, has made the challenges connected with securing software supply chains infinitely more complex, according to recen.....»»
CircleCI launches support for GitLab SaaS developers
CircleCI released support for GitLab SaaS customers. Now, joint customers can enjoy interoperability between tools from GitLab, The One DevOps Platform for software innovation, and CircleCI. Software development teams using GitLab can now build, test.....»»
NetApp Spot Security identifies and assesses cloud security posture risks
NetApp released Spot Security, delivering a solution for continuous assessment and analysis of cloud security posture. Spot Security enables DevOps and SecOps teams to easily collaborate to identify misconfigurations, reduce their potential attack su.....»»
Ermetic enables organizations to provide secure JIT access to cloud environments for developers
Ermetic announced the Ermetic Platform now enables organizations to automate the process of granting developers and DevOps teams “Just in Time” (JIT) access to cloud infrastructure environments. These new capabilities enable users to request, on.....»»
7 DevSecOps myths and how to overcome them
DevOps and security teams have long been at odds with each other over the software delivery pipeline. DevOps teams have historically viewed security teams as the “release prevention department” with overly conservative approaches to risk mitigati.....»»
Obsidian Security strengthens engineering team with four new senior hires
Obsidian Security announced four new senior hires on its engineering team: Zhiping Liu as Senior Principal Engineering Lead, Shuyang Wang, Head of Threat Research, Phil Whyte, Senior Director of Engineering and Autumn Wang, Director of DevOps. The ke.....»»
LDRA integrates with Microsoft Azure DevOps to improve ‘shift left’ strategy for organizations
LDRA announced integration with Microsoft Azure DevOps. LDRA’s integration with this cloud-hosted development and deployment solution helps small- and medium-sized organizations more efficiently deploy the ‘shift left’ strategy—a core princip.....»»
YouAttest collaborates with JumpCloud to give users access reviews for identity governance
YouAttest announced their product integration with JumpCloud – an open directory platform that gives IT, security operations, and DevOps secure, frictionless access to control and manage employee identities, their devices, and apply Zero Trust.....»»
Tromzo Security Guardrails improves security posture for developers
Tromzo announced the expansion of the product to provide pre-built, contextual, and real-time security policies and controls in CI/CD through security guardrails. The adoption of cloud-native applications and infrastructure has propelled DevOps and a.....»»
Intelligent Waves and Horizon3.ai join forces to provide security for DoD mission support
Intelligent Waves announced a strategic collaboration with Horizon3.ai to support next-generation cybersecurity protection in DevOps for the DoD special operations community. Intelligent Waves will utilize Horizon3.ai’s NodeZero autonomous pene.....»»
Orca Security unveils Shift Left Security capabilities to prevent cloud application issues
Orca Security announced a cloud security solution to provide context-aware Shift Left Security for cloud infrastructure and applications. Orca Security helps DevOps teams understand the potential impact of security issues on cloud application product.....»»
GitProtect.io releases Jira backup to bring data protection in the event of any failure or human error
GitProtect.io, a data backup, and recovery software vendor for DevOps ecosystems (GitHub, Bitbucket, and GitLab) now officially supports Jira Cloud, a widely-used Atlassian issue tracking and project management tool for software development teams. It.....»»
Codenotary adds observability for Kubernetes and VMware environments
Codenotary announced Kubernetes and VMware vSphere full-stack monitoring for operations and DevOps teams, providing all-in-one monitoring for Kubernetes and virtualized infrastructure. Kubernetes adoption is on the rise; according to the 2021 Cloud N.....»»
Digital.ai Ascension empowers organizations to unify predictive insights across the software lifecycle
Digital.ai announced it has reimagined the future of software delivery for technology-driven organizations with its AI-Powered DevOps Platform. The new release—dubbed Ascension—empowers both private and public sector organizations to unify, secur.....»»