Accurics Announces Partnership with GitLab
Accurics makes use of GitLab’s connection to give DevSecOps teams a holistic, contextualized view of application and infrastructure vulnerabilities.
FREMONT, CA: Accurics, a cloud cyber resilience specialist, has announced a technology partnership with GitLab, a single DevOps lifecycle application, as well as the general availability of its integration with GitLab’s Static Application Security Testing (SAST) solution. Accurics makes use of GitLab’s connection to give DevSecOps teams a holistic, contextualized view of application and infrastructure vulnerabilities. As a result, throughout the Software Development Lifecycle (SDLC), organizations can now design and programmatically enforce consistent risk management policies, reducing the time and cost of manual triage and inquiry.
Traditionally, cloud infrastructure and applications are delivered through two independent pipelines, separating application security risks from Infrastructure as Code (IaC) misconfigurations. As a result, developers are frequently faced with a huge list of vulnerabilities and misconfigurations to address, with no context to prioritize remediation of those vulnerabilities and misconfigurations that could be exploited.
“The most effective innovation is often incremental–for example, new capabilities and additional functionality accompanied by relevant security advances,” said Om Moolchandani, Co-founder, CTO & CISO, Accurics. “In this environment, we see diverse and largely unconnected vulnerabilities and misconfigurations, collectively producing a level of noise that makes identifying the most serious risks vital but difficult. The partnership with GitLab serves to add greater context to every layer of code and strengthens the security risk posture throughout the extended development lifecycle.”
Accurics users benefit from the integration with GitLab since it correlates IaC, cloud, and SAST vulnerabilities to help manage risk throughout the SDLC and generate a threat score. This threat score can be utilized by Policy as Code policy guardrails to prevent the most dangerous builds from being released into production while also offering insight into less dangerous issues that don’t justify breaking the build. As a result, developers can concentrate their efforts on addressing the most pressing concerns first.
“The growing adoption of GitOps practices and Infrastructure as Code necessitates scalable risk management tools,” said Nima Badiey, Vice President, Global Alliances, GitLab. “The integration between GitLab and Accurics will help customers to programmatically define infrastructure and risk management policies more effectively throughout the software development lifecycle.”
By Leni Kaufman, VP & CIO, Newport News Shipbuilding
By George Evans, CIO, Singing River Health System
By John Kamin, EVP and CIO, Old National Bancorp
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Alberto Ruocco, CIO, American Electric Power
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
By Sergey Cherkasov, CIO, PhosAgro
By Pascal Becotte, MD-Global Supply Chain Practice for the...
By Stephen Caulfield, Executive Director, Global Field...
By Shamim Mohammad, SVP & CIO, CarMax
By Ronald Seymore, Managing Director, Enterprise Performance...
By Brad Bodell, SVP and CIO, CNO Financial Group, Inc.
By Jim Whitehurst, CEO, Red Hat
By Clark Golestani, EVP and CIO, Merck
By Scott Craig, Vice President of Product Marketing, Lexmark...
By Dave Kipe, SVP, Global Operations, Scholastic Inc.
By Meerah Rajavel, CIO, Forcepoint
By Amit Bahree, Executive, Global Technology and Innovation,...
By Greg Tacchetti, CIO, State Auto Insurance