ZeroNorth Enables Secure Software
October 12, 2020
developed new capabilities for its SaaS-based application security
automation and orchestration platform. With these new capabilities, the
ZeroNorth platform aims to remove friction between security and DevOps
teams by making security integral and transparent within the software
development life cycle. By doing so, ZeroNorth empowers developers to
deliver the secure software required to drive business growth.
The new features include application portfolio reports and support for
additional application scanning tools and toolchain integrations, such
as Scout Suite, Aqua Trivy, Gitlab and BitBucket Server. These
capabilities are ideally suited for organizations with distributed
business lines and DevOps teams that are striving to gain a competitive
edge in the current economic climate.
“The shift to DevOps means that both Security and Development must now
play a critical role in the delivery of secure software,” said Christian
J. van den Branden, Senior Vice President, Engineering & Product
Management at ZeroNorth. “The ZeroNorth platform seamlessly integrates
security throughout the software development lifecycle, empowering the
Security team to own the enforcement of standards and reporting while
liberating the development team to deliver secure software faster and
ZeroNorth delivers a holistic view of application risk to help maintain
The new Application Portfolio report highlights the security policies
applied to each application, scan results and progress of remediation
work, and enables users to drill down from the big picture into details
on a more granular level. This visibility ensures the CISO gains a
holistic view of risk, while product security and engineering teams can
implement application security based on the line of business (LOB)
ZeroNorth adds new integrations to unburden developers
ZeroNorth makes application security programs transparent and friction
free for developers so they can develop secure applications without
changing their workflows or being flooded with non-priority tickets.
To this end, the ZeroNorth platform is enhancing its roster of leading
commercial and open source application security tools with support for
Scout Suite, an open source multi-cloud security-auditing tool which
enables security posture assessment of cloud environments, and Aqua
Trivy, a comprehensive open source vulnerability scanner for container
ZeroNorth is also expanding its DevOps toolchain integrations to further
support development agility. With this new release, the ZeroNorth
platform automatically integrates with, and can scan the contents of
BitBucket Server and GitLab source code repositories including branches
within both GitLab and GitHub repositories.
"Security teams struggle to keep pace with development, and
historically, DevOps teams have neglected security to their peril. With
disparate tools clouding the landscape, organizations have left
themselves open to attack because of the lack of integration and scant
visibility across hybrid environments,” commented Jim Mercer, Research
Director at IDC. “The application security and risk management
capabilities of the ZeroNorth platform provide a compelling value
proposition to help DevOps teams optimize their DevSecOps effectiveness
while improving velocity and reducing risk."
ZeroNorth delivers new enhancements to accelerate pipeline velocity
includes key new features that focus on providing greater flexibility to
security and development teams, helping them deliver applications at
greater velocity, including:
Customization of vulnerability data compression parameters, such as
name and type of vulnerabilities, libraries included etc.
Customization of alerts to meet the
needs of the DevOps process and support data-driven business decisions
in real time.
All new features and enhancements are
generally available in the ZeroNorth platform.