TMCnet News
Assembla-Kiuwan™ Integration Empowers Teams to Shift Left in DevSecOpsIdera, Inc., parent company of global B2B software productivity brands, today announced powerful new integration capabilities between its Assembla and Kiuwan™ products. The integration allows development teams on Assembla to "shift left" and further secure their software development lifecycle by automatically scanning code in their Assembla repositories with Kiuwan's enterprise-grade application security testing engine. Verizon's (News - Alert) 2018 Data Breach Investigations Report1 found that attacks on web applications exploiting code-level or authentication mechanism vulnerabilities led to the highest number of breaches of all breach patterns. And according to the Ponemon Institute (News - Alert), the global average cost of a data breach is $3.86 million.2 Kiuwan provides an enterprise-grade, end-to-end, non-localized static code analysis (SAST) and code quality analysis (QA) platform. The Assembla-Kiuwan integration leverages Kiuwan's SAST scanning engine to identify potential vulnerabilities and security threats in code, with the capability to scan more than 30+ languages, technologies, and frameworks. Issues detected during weekly scans are automatically highlighted and recorded in a user's Assembla code commit history, enabling them to drill down for further analysis without leaving the repository. "Until now, Assembla users either weren't doing any scanning at all, or they were using separate scanning tools that increased the potential for error in identifying and resolving vulnerabilities," said Robert Warmack, general manager of Assembla. "Similarly, Kiuwan customers had to use a different system to securely store their source code, and spend time manually configuring the connection between the two systems to automate scanning. This integration pushes the envelope on the DevSecOps playbook, combining the premium capabilities of two world-class enterprise software development and security products." To enable scanning, Assembla users navigate to the Security Scan Results tab within their repository and check the "weekly code scan" box to turn the Kiuwan scanner ON (News - Alert). Onc a week, the scanner will scan the code repository within the repository tool for potential vulnerabilities and security threats, and alert the user to any issues from within the Assembla repository tool. All Assembla customers get access to five free vulnerabilities in each weekly scan. Teams with active subscriptions to both Kiuwan and Assembla receive unlimited results from the Kiuwan scanner while gaining access to Kiuwan's powerful business analytics, flexible and comprehensive scanning settings, and notifications directly from the Kiuwan dashboard. Kiuwan users can access this capability by starting a new trial account with Assembla and enabling the integration between Assembla and Kiuwan from their Assembla Integrations settings. Additional Resources Help article: https://articles.assembla.com/assembla-basics/how-to-use-kiuwan-code-security-scanner About Assembla Assembla's secure enterprise cloud version control solutions help developers minimize or eliminate vulnerabilities that can be exploited by hackers. From compliance to source code scanning, Assembla is the security-forward choice for developing, managing and shipping amazing software. Founded in 2005, Assembla has more than 5,500 customers across 157 countries, including Deutsche Telekom (News - Alert), Bayer, Kellogg's, Oracle, Unity, Disney, Apple, Marketo and Salesforce. Assembla is a division of Idera, Inc. To learn more, visit https://www.assembla.com/home. About Kiuwan Kiuwan's application security testing platform provides a complete overview and impact analysis of software architecture in just minutes, reducing risk and improving change management and DevOps processes. The solution integrates with leading IDEs, build systems, bug tracking tools and repositories to detect and eliminate vulnerabilities, and provide full compliance with security standards. Kiuwan has more than 200 customers in 25 countries. Kiuwan is a division of Idera, Inc. To learn more, visit https://www.kiuwan.com/. 1 https://enterprise.verizon.com/resources/reports/dbir/ 2 https://www.ibm.com/security/data-breach View source version on businesswire.com: https://www.businesswire.com/news/home/20190418005195/en/ |
