Topic: scanning

Checkmarx KICS now integrated into GitLab 14.5

Checkmarx’s open-source KICS (Keeping Infrastructure as Code Secure) solution has been integrated into version 14.5 of the GitLab DevOps Platform as an infrastructure-as-code scanning tool. KICS automatically parses infrastructure-as-code files of any type to detect insecure configurations that could expose applications, data and services to attack. Users of Ansible, AWS CloudFormation, K8S or Terraform can … continue reading

Veracode launches scanning tool to find API vulnerabilities

Veracode launched an advanced scanning tool that enables organizations to find and fix vulnerabilities in APIs.  The new capability leverages Veracode’s Dynamic Analysis (DAST) scanning engine to provide comprehensive security insights and remediation guidance for APIs. “The explosion of APIs means that application development is becoming more fragmented and decentralized in nature, so the attack … continue reading

SD Times news digest: Kotlin public roadmap, third-party tools for GitHub code scanning, and Rancher 2.5

JetBrains has announced a new public roadmap for Kotlin that details the next 6 months. Currently, the Kotlin team is focusing on delivering fast turnaround to speed up the change-test-debug cycle, working on a new compiler, a fast IDE, and more.  The compiler is a rewrite of the Kotlin compiler optimized for speed, parallelism, and … continue reading

RSA conference has machine-learning, cloud-based solutions on display

It’s no secret that computer security is a difficult area of expertise. At the annual RSA Conference in San Francisco this week, attendees were treated to a host of solutions to solve their security woes. As usual, however, software development is not the focus. Robert Griffin, chief security architect at RSA, agreed that developing secure … continue reading

Black Duck adds container-scanning capabilities

The growth of container usage has created new challenges for DevOps teams, which is why Black Duck Software announced today that it will be adding container-scanning capabilities to its Hub software. This addition will help DevOps teams map open-source security vulnerabilities for applications. It will also allow them to map Linux distributions and other software … continue reading

OnePlus OxygenOS, Mono 4.0, and Microsoft’s open-source Bond framework—SD Times news digest: April 6, 2015

Smartphone marker OnePlus has unveiled a custom version of its Android operating system, OxygenOS. OxygenOS is based on Google’s Android Lollipop version 5.0.2. With OxygenOS, the company claimed it would make it easier to respond to user feedback, and to provide better updates and an integrated range of services for OnePlus users. “In this environment … continue reading

DMCA.com Protection Status