Checkmarx has announced it will integrate its application security testing solutions directly into the GitLab pipeline. 

Developers will now have access to automatic SAST and SCA security scans in the event of pull or merge requests, eliminating time-consuming manual scans and allowing developers to find and fix vulnerabilities earlier in the SDLC and make security assessments all while staying within the GitLab environment, according to the companies. 

With the integrations of Checkmarx CxSAST and CxSCA, GitLab users can secure both proprietary and open source code in one solution, with just-in-time developer AppSec training layered in via CxCodebashing.

Google DevTools update
DevTools now displays media player information in the Media panel, providing an easier way to view events, logs, properties, and a timeline of frame decodes in the same browser tab as the video player itself. 

Users can also now capture node screenshots via the context menu in the Elements panel.

In addition, users can use the new disable local fonts feature to emulate missing  ‘local()’ sources in ‘@font-face’ rules, emulate inactive characters, and have access to new JavaScript features. 

Microsoft TileCode released
Microsoft TileCode is a game creation app that allows users to design, code, and play video games directly on low-cost Microsoft MakeCode Arcade gaming handhelds, as well as in the web browser.

Users start with a low floor as they are able to simply play a game and change one rule or elements of the game world. Once familiar with the application, players are provided with wide walls for creating different types of games. Then in high ceiling learning activities, users can implement more complex games. 

“TileCode presents a unique opportunity for youth to develop their own pixel art for tiles and sprites. It also engages users in new ways of thinking about game world design and the ways of creating different maps for different games,” according to Microsoft in a blog post.

Cobalt’s pentesting funding
Cobalt announced that the company raised $29 million in a Series B funding round to further their pentesting as a service platform. 

The company aims to tackle three major pentest pain points including replacing static report delivery, local talent limitations, and expensive and cumbersome testing. 

“We as a company champion deep collaboration and cooperation between pentesters, security teams, and developers,” said Caroline Wong, the chief strategy officer of Cobalt. “I believe it’s only in partnership that security issues can be found and fixed so the software can become more secure.”

Apache weekly update
Last week saw the release of Apache APISIX Dashboard 1.5 (Incubating) as well as Apache SkyWalking Chart 3.1.0.

In the big data space,  Apache ShardingSphere ElasticJob UI 3.0.0-alpha that features a One-off job executor, Spring Boot Starter for ElasticJob-Lite, and more database support for event trace persist. 

Other project releases include Apache Qpid JMS 0.54.0, Dispatch 1.13.0, as well as Apache Lucene 8.6.1 and Solr 8.6.1.

Additional details are available here.