Dynatrace introduces security gates

Instant, automated, and fully contextualized vulnerability assessments enable organizations to release software faster without sacrificing security.

Dynatrace says that its platform now includes security gates, enabling DevSecOps teams to automatically assess each new software release to ensure only secure code moves through the delivery pipeline. Just as Dynatrace® quality gates have allowed development, DevOps, and SRE teams to ensure code meets their service-level objectives (SLOs), Dynatrace security gates, powered by the platform’s automatic and intelligent observability, now help these teams assure code is secure as it progresses from preproduction to production.

According to IDC, “The primary drivers for adopting DevSecOps are to improve the overall application security posture by identifying security issues earlier in the software development lifecycle (SDLC), without impacting the velocity of DevOps teams”.1 The importance of unifying observability, automation, intelligence, and security within development processes is underscored by additional research, which reveals more than a quarter of CISOs say development teams sometimes bypass vulnerability scans to speed up software delivery.

The Dynatrace® platform enables teams to precisely identify vulnerabilities found in cloud-native workloads and applications across the SDLC, while also prioritizing these vulnerabilities based on the risk they pose to the business. In addition, the AI and automation capabilities at the core of the platform help orchestrate application development processes at scale, including automating code tests and quality checks against an organization’s SLOs. With this latest enhancement, customers can now leverage Dynatrace’s automation and intelligence, along with the extensive observability data that is already flowing through the platform, to automatically detect, assess, and manage vulnerabilities in real time, and with greater accuracy than traditional security tests that operate on static code.

“As organizations accelerate their pace of innovation with cloud-native technologies, they are increasingly integrating security into software development workflows,” said Steve Tack, SVP of Product Management at Dynatrace. “A DevSecOps approach elevates security as a shared responsibility throughout the entire software development lifecycle, yet manual processes slow progress. With this release, Dynatrace is incorporating application security into software development as a continuous, automated process that matches the rapid release pace required in modern cloud transformation. This ensures organizations can release software with speed and security, and at scale, while freeing time for development, DevOps, and SRE teams to focus on what matters most – driving innovation and business value.”

Research shows ‘game needs to be changed,’ with security innovation years behind that of the attackers, the board a decade behind security discussions and regulation needing more industry input.
73% of organizations lack automated patch management, and 62% experienced incidents involving exploitation of a vulnerability for which a patch was available but had not yet been deployed.
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with certain of its affiliates, “Clearlake”) to acquire the Company from Francisco Partners. Patrick Nichols, current CEO of Quest, will continue to lead the Company supported by the existing executive management team. Upon closing of the transaction, Clearlake will become the majority shareholder in Quest. The terms of the transaction were not disclosed.
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to help secure, isolate and recover data from a ransomware attack.
Aqua’s cloud native application protection platform becomes the only solution that protects cloud applications, their code, and their CI/CD infrastructure.
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that the UK’s Mid-Market IT Leadership expects to see a shortfall in IT spend in 2022. While 52% of IT decision-makers believe their 2021 budget met the ambitions of their team, there seems to be less certainty and confidence about future finances — 61% think their budget will need to increase in 2022, but only 13% expect it to.
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities compared to legacy on-premises hardware and appliance-based models.