Monday, 31 May 2021 11:57

Trend Micro launches SecOps solution to detect and eliminate open source code bugs

By

The Trend Micro Cloud One – Open Source Security by Synk exposes open source software vulnerabilities for security operation teams and tackles open source risk on a single platform.

Trend Micro launches a co-built SaaS solution with Snyk. The first of its kind, Trend Micro claims, is said to provide continuous insight into open source vulnerabilities for enhanced risk management to drive data-driven decisions.

Trend Micro Cloud One - Open Source Security by Snyk is the newest Cloud One service and the first partner to the platform, available through the channel and in the AWS Marketplace.

This is the first service that provides visibility into open source software vulnerabilities for security operation teams. The use of these open source code components is in demand, attributed to the speed, flexibility, extensibility and quality they offer application development teams. According to Snyk, 80% of application code today is open source.

In its Market Guide for Software Composition Analysis report, IT service management company Gartner stated that “open-source software is used in nearly all organizations. This introduces risks from readily exploitable vulnerabilities; an expanded attack surface through which malware and malicious code can gain access, compromising proprietary code and infrastructure; and legal and intellectual property exposures.”

Snyk has observed 2.5x growth in open source vulnerabilities over the past three years, making it more necessary than ever to deliver security further into the DevOps pipeline. However, process gaps, mismatched toolsets, and communication challenges between SecOps and DevOps are commonplace.

According to Trend Micro, this means security practitioners face an uphill battle and lack visibility into application build-time risks. This cloud service from Trend Micro and Snyk bridges the challenges between security and development teams with a unified solution that delivers visibility sooner in the software development lifecycle to further protect the stack.

Geva Solomonovich, Snyk chief technological officer, global alliances, says: “Together Snyk and Trend Micro are investing in the future of the cybersecurity industry, where security and development teams effectively work together to make their organisations safer.”

He continues: “Adding Snyk’s developer-first security technology to Trend Micro's Cloud One allows more customers to tackle open source risk on a single platform, minimising the need to manage multiple vendors and tools. We look forward to our continued collaboration with Trend Micro to foster more innovative, effective ways to solve key security concerns for our customers.”

Almost all applications developed across the world in the last 25 years have been built using open source code. As the pressure to build and deliver new cloud-native applications continues to increase, says Trend Micro, and organisations often lose sight of older applications, their component inventories, and maintenance and update cycles—creating further opacity and risk.

Kevin Simzer, Trend Micro chief operating officer, says the company is able to solve several problems and use technology to bridge internal gaps.

Simzer claims: “This offering can save over 650 hours of development time per application through increased automation, helps to manage risk and liability with license requirements, and gives security teams visibility into a part of our functional code base that has not been accessible before.”

Trend Micro Cloud One - Open Source Security by Snyk also enables SecOps to identify vulnerabilities and issues related to licensing. This security is said to empower teams to better monitor, prioritise, and communicate risk and exposure rates within DevOps projects over time. This happens with:

● Data-driven security decisions
● Continuous monitoring of threat levels
● Effective prioritisation of risks and remediation recommendations

Trend Micro says built-in automation also helps security teams quickly identify and gain awareness of indirect open source dependencies that both security and developer teams may not be aware exist in their applications. Approximately eight hours can be saved per vulnerability through automation and early discovery.

Read 1349 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

GET READY FOR XCONF AUSTRALIA 2022

Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.


Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event

GET YOUR TICKET!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Kenn Anthony Mendoza

Kenn Anthony Mendoza is the newest member of the iTWire team. Kenn is also a contributing writer for South China Morning Post Style, and has written stories on Korean entertainment, Asian and European royalty, Millionaires and Billionaires, and LGBTQIA+ issues. He has been published in Philippine newspapers, magazines, and online sites: Tatler PhilippinesManila BulletinCNN Philippines LifePhilippine StarManila Times, and The Daily Tribune. Kenn now covers all aspects of technology news for iTWire.com.

Share News tips for the iTWire Journalists? Your tip will be anonymous