Tag: code scanning
appCD Launches Platform to Securely Provision Cloud Infrastructure
appCD's platform analyzes an application about to be deployed and automatically generates the code to provision the required infrastructure ...
5 Security Threats DevOps Teams Should Know
DevOps security (DevSecOps) is about breaking down silos and promoting open collaboration across teams ...
Legit Security Applies AI to Detect Vulnerable Application Secrets
Legit Security expanded the scope of its ASPM platform to make use of AI to discover vulnerable application secrets more accurately ...
HashiCorp Acquires BluBracket to Extend Secrets Management Reach
HashiCorp this week acquired BluBracket to add a set of static secrets discovery tools to its portfolio ...
Mobb Launches Community Edition of Automated Remediation Tool
Mobb today made available a free community edition of a namesake tool that creates fixes to open source vulnerabilities. The fixes are based on the results of code scanning by a static ...
Software Supply Chain Risk Management: A 2023 Guide
Software supply chain risk management (SSCRM) refers to the process of identifying, assessing and mitigating risks associated with third-party software components and services that are integrated into software products. SSCRM involves understanding ...
The Scariest Things About SCA
It is a time of ghouls, mischievous spirits and David S. Pumpkins. In the spirit of Halloween, here are the top five scariest limitations of software composition analysis (SCA) tools that are ...
Cycode Expands Scope of AppDev Security Platform
At the Black Hat USA 2022 conference, Cycode this week announced it has added static application security testing (SAST) and container scanning capabilities to its software composition analysis (SCA) platform that is based ...
CodeLogic Toolkit Increases Visibility Into App Dependencies
CodeLogic today launched a toolkit that enables developers to scan binaries, runtime application behavior and database connections and then leverage graph technology to identify connections and dependencies in real time. Brian Pierce, CodeLogic ...
Turning Off DevSecOps Noise for Functional Fidelity
Analyzing the DevOps and DevSecOps software marketplace demonstrates the high demand for tools and platforms that reduce false positives. As businesses and organizations adopt a rigorous, disciplined software development life cycle and ...
Contrast Security Adds Free Code-Scanning Tool
Contrast Security this week made available a free security tool that enables developers to scan their code using the same core engine used by the cybersecurity team within their organization. Steven Phillips, ...
WhiteSource Becomes Mend, Launches Automated Remediation Platform
WhiteSource rechristened itself Mend today and launched a remediation platform that automatically resolves security issues for application developers. Rami Sass, co-founder and CEO of Mend, said now the company is going beyond ...