Vulnerability management in 2025 is overwhelmed by escalating CVEs and costly breaches; organizations must shift from slow, manual patching to continuous, risk-based, AI-powered remediation to stay secure.
What Makes Vulnerability Scanning Effective in Fast-Moving DevSecOps Pipelines Today?
Traditional vulnerability scanning can’t keep pace with CI/CD. Learn how real-time, context-aware scanning reduces noise, speeds fixes, and enables secure DevSecOps at scale.
Checkmarx Brings Generative AI to SAST and IaC Security Tools
Under an early access program, Checkmarx today made available query builder and guided automation tools that take advantage of OpenAI’s generative artificial intelligence (AI) technologies to make it simpler for developers to resolve application security issues. AI Guided Remediation surfaces actionable remediation recommendations for vulnerability issues such as misconfigurations directly from within integrated development environments […]
Mobb Launches Community Edition of Automated Remediation Tool
Mobb today made available a free community edition of a namesake tool that creates fixes to open source vulnerabilities. The fixes are based on the results of code scanning by a static application security testing (SAST) tool. Fresh from raising $5.4 million in seed funding, Mobb CEO Eitan Worcel said the company developed a tool […]
New Relic Bolsters Observability Platform
New Relic has updated its observability platform to include the ability to better detect and track errors in addition to monitoring vulnerabilities. At the same time, an instance of the New Relic observability platform that runs natively on the Microsoft Azure cloud platform is now also generally available. Manav Khurana, general manager for observability product […]
Rezilion Updates Open Source MI-X Tool to Better Secure App Development
Rezilion has updated its open source MI-X vulnerability discovery tool to include mitigation and remediation recommendations. In addition, the tool can now produce machine-readable output in either a JSON or CSV format. Finally, the company added Windows support for Heartbleed and SpookySSL vulnerabilities in Windows environments. MI-X makes it possible to use a command line […]
WhiteSource Tool Automatically Fixes Code Vulnerabilities
WhiteSource today announced that it has developed the first-ever tool that automatically remediates vulnerabilities discovered in custom code. Rami Sass, WhiteSource CEO, said WhiteSource Cure surfaces recommendations for fixing security vulnerabilities in code that developers can then apply with a click of a button. WhiteSource has a long history of providing tools that discover vulnerabilities […]
Using Incident Response for Continuous Testing
Incident response tools offer the ability for organizations to not only implement continuous testing but to also shorten the feedback loop from continuous testing back into planning and development At this point, you should be able to say the word “continuous” to any technical team, drop the mic and leave. Yes, the idea that we […]
Tenable Allies With Datadog to Drive DevSecOps
Datadog and Tenable have teamed up to enable organizations to adopt best DevSecOps processes. Tenable CTO Renaud Deraison said his company is making the cybersecurity data it gathers via its Nessus vulnerability scanning software available to the monitoring and analytics service provided by Datadog. The goal is to make it easier for DevOps teams to […]
DevOps Chats: 1-Click Vulnerability Scanning on GCP, With Qualys
Sometimes the best way to accomplish something is to choose a path requiring the least friction, or amount of change. Qualys customers now have that path available to them in bring vulnerability scanning into Google Cloud Platform. Qualys’ recent announcement means a one-click configuration change enables vulnerability scans in GCP with the results appearing in […]