Blog
Share This Post
[ad_1]
Microsoft has partnered with Endor Labs to integrate a software composition analysis tool into its Microsoft Cloud Defender platform, reports DevOps.
The move aims to enhance cloud-native application protection by providing deeper insights into vulnerabilities, helping development teams prioritize and reduce potential issues. Endor Labs’ analytic capabilities assess the impact of upgrading open-source packages and include features like Magic Patches, which allow DevSecOps teams to backport fixes without breaking applications.
According to Microsoft’s Security Product Manager Lara Goldstein, Endor Labs was chosen after evaluating multiple SCA tools due to its ability to deliver actionable insights into vulnerability reachability. This integration simplifies addressing both application and infrastructure security within a unified platform, improving attack path visualization from code to runtime. Microsoft said its future plans include integrating Endor Labs’ tool with GitHub Copilot to provide AI-driven remediation guidance. Despite progress in adopting DevSecOps practices, challenges persist. A Techstrong Research survey reveals only 47% of organizations regularly employ best practices, though 59% are increasing investments in application security tools like code scanners.
Get essential knowledge and practical strategies to fortify your cloud security.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
