Data Security, Platform Security, Software Security

Copado Launches New DevSecOps Training Module to Make Releases Faster and More Secure

Copado
Copado, the global leader in low-code DevOps, today announced it launched a new DevSecOps training module to help make software releases faster and more secure. The new module is available in the Copado Community, where its 55,000 members can learn, connect and grow their careers. Copado has already trained more than 35,000 DevOps specialists and certified more than 20,000 DevOps professionals with a goal to train 15,000 more by the end of 2022.

Research has shown that 70% of development teams lack the knowledge and skills needed to implement DevSecOps best practices.

"Without DevSecOps best practices, software releases can be plagued with quality and security issues, costing more time and money post-production to correct them. "To address this growing need for DevSecOps skill sets, Copado is offering self-paced online training to upskill DevOps professionals, administrators, developers and architects. Our community can help jumpstart a new career path or level up your current path by unlocking your full potential."

Pat McQueen, Senior Vice President of Customer Success & Global Services at Copado

The DevSecOps module is designed to help make release cycles shorter, more secure and resilient. It explains how to integrate compliance, security and testing in a DevOps pipeline in order to avoid cybersecurity architects manually maintaining the security consoles and additional configurations in the application. It highlights the importance of security and compliance for an organization, identifies DevSecOps best practices, and explains how to build a successful DevSecOps strategy and culture.

Copado also joined industry leaders Accenture, Broadcom, IBM and others in the new OASIS Open Value Stream Management (VSM) Interoperability Technical Committee. The group will develop new interoperability standards to enable VSM data sharing across platforms.

"DevOps and DevSecOps are extremely fractured markets when it comes to tools: there are literally thousands of products that are involved in building resilient pipelines," said Daniel Riedel, Senior Vice President of Strategic Services for Copado. "As the industry matures, value stream management will help bring observability to the process. Creating an interoperability standard now will ensure that organizations can rely on cohesiveness in tool integration. Interoperability will provide the transparency to ensure a stronger, more resilient infrastructure for customers and employees."

About Copado
Copado is the leading DevOps and testing solution for low-code SaaS platforms that run the world's largest digital transformations. Backed by Insight Partners, Salesforce Ventures and SoftBank Vision Fund, Copado accelerates multi-cloud, enterprise deployments by automating the end-to-end software delivery process to maximize customers' return on their cloud investment. More than 1,000 companies rely on Copado to drive digital transformation with speed, quality and value including Boston Scientific, Coca-Cola, Fair Trade, Linde, MassMutual, Schneider Electric and Shell. Copado processes over 50 million DevOps transactions per month and is rated with a 100% score on the Salesforce AppExchange.

Spotlight

Other News
API Security

Wallarm Announces Policy Integration with MuleSoft AnyPoint Platform

Wallarm | October 13, 2023

Wallarm has announced the availability of Application and API Security policies seamless integration with the MuleSoft AnyPoint Platform, providing essential protection for apps and APIs in various deployment scenarios. This integration of Wallarm and MuleSoft presents a compelling choice for organizations dedicated to comprehensively safeguarding and managing their API security management, ensuring robust protection for their digital assets. In the digital age, enterprises heavily depend on APIs to facilitate application connections and drive their digital transformation. Wallarm's latest offering seamlessly integrates with the MuleSoft API management and integration platform, bolstering cloud security and compliance to meet the evolving needs of modern businesses. Effective API management is paramount for organizations, and the market offers numerous commercial solutions, each with its unique features. Whether opting for well-known platforms such as MuleSoft, Kong, or Apigee, or exploring external tools like Akamai Edge and Azion Edge, the decision on how to deploy and manage crucial APIs depends on factors such as scalability, performance, and existing infrastructure. Regardless of the chosen approach, the demand for robust API security that effortlessly aligns with these varied deployment methods remains a top priority. CEO and Co-founder of Wallarm, Ivan Novikov, said, Wallarm is keen to unveil a cutting-edge cloud-based security policy that is agile and fully integrated with MuleSoft, a leading integration and API management platform in the market. [Source – Business Wire] About Wallarm Wallarm is a leading provider of robust protection for APIs, microservices, web applications, and serverless workloads in cloud-native environments. Trusted by numerous Security and DevOps teams, Wallarm excels in comprehensive web app and API endpoint discovery, shielding against emerging threats across their API portfolio, and automating incident response for enhanced risk management. The platform is designed to support modern tech stacks, offering a myriad of deployment options in both cloud and Kubernetes-based environments, including a full cloud solution. Based in San Francisco, California, Wallarm is backed by prominent investors like Y Combinator, Toba Capital, Partech, and others.

Read More

API Security

Salt Security, CrowdStrike Expands Partnership with New Integration

Salt Security | September 20, 2023

Salt Security, a prominent API security company, has announced the expansion of its partnership with CrowdStrike, a leading cybersecurity technology company providing cloud workload and endpoint security, cyberattack response, and threat intelligence services. This expansion involves the integration of the Salt Security API Protection Platform with the widely recognized CrowdStrike Falcon Platform. Roey Eliyahu, Co-founder and CEO of Salt Security, stated, Protecting against API threats requires deep visibility and robust runtime protection. We’re excited to bring our unique strengths in API security to the CrowdStrike customer base with this new integration. Together with CrowdStrike, Salt can provide organizations with extended runtime protections and posture management across the cloud and application landscapes. [Source – Cision PR Newswire] Through this integration, customers gain access to a comprehensive 360-degree view of API security risks, particularly focusing on the application-layer attack surface. This integration is accessible via the CrowdStrike Marketplace and provides valuable API threat intelligence. It also enhances cross-organization API security capabilities by streamlining and enhancing the workflows related to API auditing, monitoring, and enforcement. The partnership between Salt Security, offering top-notch API runtime monitoring and AI-driven insights, and CrowdStrike, renowned for its award-winning AI-powered protection, provides organizations with complete visibility into their API attack surface. This integration also offers valuable context regarding the severity of threats in relation to business-critical aspects. With this partnership, customers benefit from: API vulnerability and threat context API threat mitigation API threat management automation The patented Salt API security platform stands out for its utilization of cloud-scale big data, artificial intelligence (AI), and machine learning (ML). These technologies work in tandem to automate the process of discovering and cataloging an organization's entire set of APIs. Salt plays a crucial role in pinpointing areas where APIs might expose sensitive data. This proactive approach aids enterprises in recognizing and mitigating potential API threats while also reinforcing their overall API security. Gur Talpaz, Head of Falcon Fund and Vice President of Corporate Development at CrowdStrike, said, With APIs now a prime target for malicious actors, securing them requires a comprehensive and diligent approach. Through this joint integration, we can harness the mature AI-driven intelligence of the Salt API security platform with our widely deployed Falcon platform, giving organizations complete visibility into their application-layer attack surface and a detailed understanding of their application threat landscape. [Source – Cision PR Newswire] About Salt Security Salt Security is a leading API security company that safeguards the APIs at the core of all modern applications. Its API Protection Platform is the sole API security solution that integrates the power of cloud-scale big data with time-tested machine learning and artificial intelligence to detect and prevent API attacks. Salt provides extensive context, real-time analysis, and continuous insights for API discovery, hardening APIs, and attack prevention by correlating the activities of millions of APIs and users over time.

Read More

Data Security

Canadian Federal Government Choose Netskope as Preferred Vendor

Netskope | September 11, 2023

Netskope, an industry-leading secure access service edge (SASE) provider, has announced that it has been chosen as the preferred cloud access security broker vendor for the Canadian Federal Government under the cybersecurity procurement vehicle (CSPV) of Shared Services Canada (SSC). The objective of the SSC cloud access security broker CSPV is to provide government users with secure access to cloud-based applications, including all software-as-a-service (SaaS) applications, regardless of their location. The Government of Canada (GC) selected Netskope after a competitive bidding process for a commercially available cloud access security broker service to fulfill its business requirements across various government organizations and agencies. The cloud access security broker service aims to facilitate the continued adoption, utilization, and delivery of SaaS cloud services by GC departments. The cloud access security broker service will improve the security posture of GC applications, services, and data as they are migrated to public cloud environments, permitting complete visibility and monitoring of GC cloud environments to detect, prevent, and respond rapidly to cyber threats; and ensuring the privacy, confidentiality, and protection of GC data in accordance with GC policies. As an integral part of Netskope Intelligent Security Service Edge (SSE), Netskope's market-leading cloud access security broker enables agencies to detect and manage the usage of cloud applications rapidly, irrespective of whether they are managed or unmanaged, and safeguard sensitive data from being stolen by malicious cybercriminals or risky insiders who have compromised the technology environment. A cloud access security broker is a cloud-based or on-premises security policy enforcement point situated between cloud service providers and consumers to combine and insert enterprise security policies when cloud-based resources are accessed. With a cloud access security broker solution, agencies can manage the unintentional or unauthorized transfer of sensitive data between cloud application instances while expediting security workflows with simple policy controls and incident response management. Paul Tanasi, Federal Regional Manager, Netskope, said, With the hybrid workforce becoming the new normal, Canadian government departments and agencies are relying more and more on giving their users direct-to-cloud access to SaaS applications and to web applications in general. [Source – Cision PR Newswire] Paul Tanasi further mentioned that there is a requirement to ensure these users' security and regain some of the visibility and control they were accustomed to when everyone worked from the office. A solution is required to tackle risks associated with cloud services, enforce security policies, and adhere to regulations, mainly when dealing with cloud services that are located outside their network perimeter and beyond their direct control. Netskope's CASB solution would offer the capability to adopt cloud applications and services confidently without compromising security or performance. About Netskope Netskope, an industry leader in SASE, assists organizations in implementing zero trust principles and AI/ML innovations to safeguard data and defend against cyber threats. The company's platform offers optimized access and real-time security for devices, people, and data, regardless of their location. Netskope assists customers in mitigating risk, accelerating application performance, and gaining unparalleled visibility into cloud, web, and private application activity. Thousands of clients rely on Netskope and its robust NewEdge network to combat evolving threats, technology shifts, new risks, organizational and network changes, and others.

Read More

Software Security

SCYTHE Latest Version 4.1 Introduces Enhanced Deployment Flexibility and AI-Driven Productivity Boost

Business Wire | November 02, 2023

SCYTHE, a leading provider of cybersecurity solutions, announces the release of SCYTHE 4.1, the latest evolution in its cutting-edge cyber resilience offering. This release brings new and enhanced features to empower organizations in their continuous efforts to strengthen their cybersecurity posture. SaaS Offering for Unparalleled Flexibility SCYTHE 4.1 introduces its initial Software as a Service (SaaS) offering, providing organizations with newfound deployment flexibility. This SaaS option offers the same robust capabilities as the on-premises version, ensuring that teams can choose the deployment model that best suits their needs without pricing changes. SCYTHE's commitment to flexibility ensures that organizations can secure their infrastructure on their terms. Advanced Agent Support with Scheduling for Continuous Testing To unlock even greater control over security testing, SCYTHE 4.1 introduces advanced agent support with scheduling. This feature allows organizations to perform continuous testing by automating the deployment and execution of security assessments at specified intervals. With the power of scheduling, teams can proactively identify threats, assess controls, and evaluate their readiness to respond to cyber threats. SCYTHE empowers organizations to maintain the highest level of cyber resilience without manual intervention. Cloppy - Your AI-Powered Security Analyst In a significant leap forward, SCYTHE unveils the early access beta release of "Cloppy," its supervised machine learning (ML)-based AI analyst chatbot. Cloppy enhances team productivity, job satisfaction, and cybersecurity capabilities by delivering instant insights and recommendations. This AI-driven assistant will leverage private knowledge base instances, ensuring sensitive information stays secure. Cloppy is poised to become a trusted companion for security professionals, providing real-time guidance and augmenting their decision-making processes. As cyber threats continue to evolve, so must our approach to cybersecurity. SCYTHE 4.1 represents our commitment to innovation and empowering organizations to stay ahead of cyber adversaries, said Marc Brown, Head of Product at SCYTHE. With our SaaS offering, advanced agent support, and the introduction of Cloppy, we're equipping organizations with the tools they need to enhance their cyber resilience while simplifying offensive security. SCYTHE 4.1 Platform is now available for both new and existing customers. For more information on SCYTHE's comprehensive cyber resilience solutions, please visit https://scythe.io. About SCYTHE SCYTHE represents a paradigm shift in cybersecurity risk management, empowering organizations to Attack, Detect, and Respond efficiently. The SCYTHE platform enables collaboration between red, blue, and purple teams to build and emulate real-world adversarial campaigns. SCYTHE's innovative dual-deployment options and comprehensive features ensure a proactive cybersecurity approach. Headquartered in Arlington, VA, SCYTHE is privately funded by distinguished partners dedicated to shaping a more resilient cybersecurity landscape.

Read More