Security News


Red Hat to Acquire StackRox

Red Hat announced that it is acquiring Kubernetes-native security provider StackRox sometime in the first quarter of 2021. It's first acquisition by Red Hat since it was acquired by IBM.

BMC Pumps Up Mainframe Intelligence, Security, and DevOps

BMC unveils new capabilities and enhancements for its Automated Mainframe Intelligence (AMI) and Compuware portfolios to protect mainframe customers' uptime and availability, defend the mainframe against cybersecurity threats, and advance enterprise DevOps.

Gears

Ivanti Neurons Platform Provides Automation between Service Management and SecOps

Ivanti enhances the capabilities of its flagship Enterprise Service Management (ESM) portfolio with greater automation capabilities between service management and SecOps.

Accurics Extends Support to CNCF Projects Helm and Kustomize

Cloud security provider Accurics announced that it is extending support in its Terrascan open-source tool for detecting compliance and security violations across Infrastructure as Code to two Cloud Native Computing Foundation projects: Helm and Kustomize.

Latest Version of Debugpy Debugger in Python in Visual Studio Code Update

Version 1.0 of the new debugger for Python in Visual Studio Code (VS Code), called Debugpy, shows up in the latest update of the popular Python tooling for the open source, cross-platform code editor.

GrammaTech Tool Uncovers Third-Party Code 'Blind Spots'

New security solution surfaces vulnerabilities in third-party code used in the development of custom applications.

Blue Circuit Board Graphic

New Neurons Platform Updates from Ivanti

Automated IT and security solutions provider Ivanti today announces two additions to its Neurons "hyper-automation" platform: Neurons for Patch Intelligence and Neurons for Spend Intelligence.

Dev and Sec Pros Believe in 'Security Champions' Programs

The results of a new survey suggest that a growing number of security and development professionals are convinced of the value of Security Champions programs.

Okta Extends its Devices Platform Service to Devs through its SDK

Authentication solution provider Okta has extended its Okta Devices Platform Service capabilities to developers via the Okta Devices SDK, which provides packaged tooling to build passwordless sign-in flows through branded push notifications with biometric capabilities, minimizing friction for end-users and increasing security posture.

ZeroNorth Wants to Make Security 'Integral and Transparent' in the SDLC

ZeroNorth announces a new set of capabilities for its SaaS-based security platform aimed at removing friction between security and DevOps teams by making security "integral and transparent" within the SDLC.

Image of gears

New Accurics App Gives GitHub Users New Code Scanning Feature

Cloud security provider Accurics announced a new GitHub app designed to further automate the programmatic enforcement of security policies throughout the software development workflow.

Rocks

Sumo Logic's Illuminate Conference Observability Announcements

Sumo Logic's fourth annual Illuminate user conference, virtual this year because of the pandemic, wrapped up yesterday after two days of educational sessions, expert keynotes, and product and initiative announcements.

White Cloud Graphic

CloudBees Announces New DevSecOps Capabilities for its CI/CD Solutions

CloudBees recently announced a new set of DevSecOps capabilities for its continuous integration and delivery (CI/CD) solutions, including feature flag integration within the CI and CD environments, which the company is billing as an industry first.

Sonatype Finds 'Typosquatting' Packages in npm

Sonatype's malicious code detection bots discovered and confirmed the presence of new vulnerable npm packages that exfiltrate/broadcast the target's IP, username, and device fingerprint info onto a public GitHub page where anyone can gain access.

Speed Lines Graphic

Microsoft's Security Group Open Sources Fuzzing Framework for Azure

Microsoft enables continuous developer-driven "fuzzing" with newly open sourced tool.

Terrascan Cloud Security Gets Kubernetes Support

Cloud security provider Accurics has release an update of its free and open-source Terrascan static code analyzer with new support for Kubernetes.

Top Tech Firms Form Open Source Security Foundation

A group of leading tech industry heavy weights that includes Microsoft, IBM, and Google, announced the formation of a new software foundation to consolidates industry efforts to improve the security of open-source software.

Ivanti and Intel Partner on Device-as-a-Service Offering

Automated IT and security solutions provider Ivanti is partnering with Intel to provide Device-as-a-Service (DaaS) with Intel's Endpoint Management Assistant

New Open Source PASETO Library Offers JWT Alternative

New Java developer library streamlines use of Platform Agnostic Security Tokens (PASETOs) and provides an alternative to JSON Web Tokens (JWT) to authenticate end users.

Red Brick Graphic

Red Hat Enterprise Linux 8.3 Beta Released

Red Hat announces the beta availability of the latest minor release of the RHEL 8 platform.