CA Technologies announced its acquisition of software composition analysis specialists SourceClear early this week with aims to incorporate SourceClear’s SaaS-based SCA tool and proprietary vulnerability database with their Veracode cloud platform. “We are excited about what this acquisition means for our customers in terms of increased support for SCA in DevSecOps environments and the ability … continue reading
Rogue Wave Software has acquired Akana, a company that specializes in managing and securing APIs. According to Rogue Wave CEO Brian Pierce, the acquisition will build on Rogue Wave’s commitment to software development, and it will extend its efforts into web, mobile and IoT. The Akana API platform is currently available in three editions, which … continue reading
After discovering malicious users that were using open-source projects to participate in dangerous activities like bitcoin mining, SourceClear created a free project to help the community discover suspicious builds before they become an issue. SourceClear, which is dedicated to helping developers use open-source software safely, has spent the last 18 months trying to dig deep … continue reading
SourceClear is announcing new integrations designed to add a security layer to Continuous Delivery processes. The company announced integrations across the Atlassian stack with Bitbucket Pipelines, JIRA Server, JIRA Cloud and Bamboo, as well as Travis CI, CircleCI and Codeship. “With this solution, we are effectively improving the code pipeline by stacking up the services … continue reading
Atlassian continued its push to bring development teams together at the opening of its annual Summit in San Jose. Highlights from today included dozens of integration announcements from partners, as well as new features for BitBucket and other product lines. BitBucket now offers large file support and development pipelines, as both features were officially released … continue reading
Yahoo announced that its highly scalable, low latency pub-sub messaging system is now open-source. The system provides pub-sub messaging semantics and is what Yahoo uses to provide messaging as a hosted service. Developers that use Pulsar can set up a centrally managed cluster to provide pub-sub messaging as a service. Since the system is horizontally … continue reading
As a way to help developers prevent disclosure of sensitive information or help them identify potentially dangerous commits, SourceClear has open-sourced Commit Watcher, a tool that finds both accidental credential leaks and security patches before they become an issue. Commit Watcher finds interesting or potentially hazardous commits in Git projects, according to its GitHub page. … continue reading
Software security is improving, but this past year still saw hacks and security breaches. In 2015, companies were creating new tools or initiatives to make sure data and critical information were protected, but with a fair share of leaks and hacks, the wait for a solution to software security continues. Unlike other approaches to security, … continue reading
The software development industry is growing by leaps and bounds every day, but security still seems to be a problem that hasn’t been conquered. Many businesses have had the displeasure of dealing with hack attacks, and we read about them almost every week. So here comes SourceClear: a security company focused on software developers that … continue reading