Vdoo, a leader in product security for applications, containers, and embedded software, today revealed a series of new integrations designed to make it easier and more efficient for software developers to implement security at every stage of the CI/CD pipeline. Vdoo’s new integrations support many of the most widely used development tools in the industry, including Jenkins, GitHub, GitLab, JFrog Pipelines and Azure Pipelines, helping developers seamlessly remediate vulnerabilities, achieve shorter release cycles and reduce security risk.
Finding and fixing vulnerabilities early in the development process, known as shifting left, empowers teams to manage issues while they are easier and less costly to accomplish.
However, according to GitLab’s 5th Annual DevSecOps survey, nearly 42% of the respondents said it’s a struggle to unpack, process and fix vulnerabilities, and 37% said tracking the status of bug fixes is challenging.
Vdoo’s new integrations allow developers to automatically trigger security analysis and mitigation actions in the CI/CD process, providing actionable results in every interim and nightly build. Vdoo can identify known (CVEs) and unknown (zero days) issues in any artifact, including embedded systems, containers, server applications, mobile apps, and non-contextual single binaries. When vulnerabilities are identified, new tickets consisting of detailed, actionable mitigation guidance can be created with Vdoo’s existing Jira integration, helping teams prioritize and track their progress in remediating open issues.