Opsera introduces GitCustodian to guard supply code repositories


The crew at Opsera, the Steady Orchestration platform for DevOps, at this time introduced the discharge of Opsera GitCustodian. This new answer is meant to alert safety and DevOps groups of weak information present in supply code repositories in order that they’ll stop vulnerabilities from making it to manufacturing.

GitCustodian additionally works to automate the remediation course of for any uncovered secrets and techniques or different delicate artifacts as soon as vulnerabilities are detected.

“Supply code vulnerabilities have the potential to value organizations a whole lot of thousands and thousands and even billions of {dollars} a 12 months as a consequence of breaches from cyberattackers. That is the place Opsera GitCustodian is available in,” stated Gilbert Martin, VP of buyer success and options at Opsera. “It scans and alerts safety groups of weak secrets and techniques lurking in supply code repositories earlier than it’s too late. These groups are actually empowered to proactively implement safe software program improvement lifecycle greatest practices by means of orchestrated secrets and techniques governance making supply code vulnerabilities a factor of the previous.”

Key highlights of this launch embody: 

  • Extremely correct and complete secrets and techniques safety detection so as to uncover a wide selection of secrets and techniques and different delicate information in supply code 
  • The power to scan current supply code repositories and acquire a centralized snapshot of any weak secrets and techniques throughout imaginative and prescient management methods 
  • The addition of proactive secrets and techniques governance into current CI/CD workflows to assist the person go from detection to remediation to verification with built-in alerting and trouble-ticketing for full incident lifecycle administration 
  • The power to securely retailer secrets and techniques and keys with a built-in vault that works to remove the friction of following secrets and techniques administration greatest practices 
  • Collaboration enablement that notifies impacted groups to take motion with out altering how or the place they work 
  • Full insights and analytics to supply customers a full image of the well being and safety of your entire lifecycle with actionable insights and compliance reporting.

“The complexity of contemporary purposes brings with it a number of challenges round managing dependencies and configuration data, safety tokens, username/passwords and different secrets and techniques,” stated Jon Collins, VP of analysis and lead analyst at GigaOM, a know-how analysis firm. “It’s an excessive amount of to anticipate builders to maintain on high of all of the potential points, comparable to inadvertently lacking a .gitignore file and publishing confidential data into Git. In addition to CI/CD automation, enterprises additionally must undertake instruments that may scan software program code and dependencies proactively, and in addition stop the unintended leakage of delicate information.”


Please enter your comment!
Please enter your name here