Harness Security Testing Orchestration (STO) was launched today to help businesses deliver value quicker by increasing velocity and security in deployments. The tool automates security scanning and governance in the software delivery process.
Although DevSecOps gets rid of many late-stage security concerns, it also forces developers to balance quality and speed at which to deliver features. Running multiple security scanners, processing large amounts of disparate data, and identifying, prioritizing, and remediating security vulnerabilities often slows down release velocity, according to Harness.
The Harness STO module is fully integrated into the Harness Software Delivery Platform to deliver secure applications at high velocity. The tool automates the scanning, analysis, and prioritization that slows down the engineering team.
Harness processes the output of scanners to make it easy for engineers to remediate and allows for both high application security and high delivery velocity. The tool integrates with open source and commercial security scanners and can be used with Harness CI/CD and other CI/CD tooling.
“As more organizations adopt a cloud-native approach, they must take steps to secure their SDLC. With Harness STO, entire organizations can embrace the DevSecOps approach without requiring developers to become security experts or slowing down deployments. Harness STO makes security a team sport by infusing security into all aspects of the SDLC,” said Jyoti Bansal, CEO and founder of Harness.
Additional details are available here.