Trend Micro Launches New Cloud One Service for Open Source Software


Trend Micro has launched a new Cloud One service that detects vulnerabilities, improves visibility, and provides tracking automation for open source software.

The new service, a SaaS solution co-built with Snyk, is designed to provide continuous insight into open source vulnerabilities, enable risk management and make data-driven decisions.

Open Source Security by Snyk, is the latest Cloud One service and the first partner added to the platform, which is available through the channel as well as AWS Marketplace.

This is the first service to provide visibility into open source software vulnerabilities to operational security teams. The use of open source code components is growing rapidly due to the speed, flexibility, extensibility, and quality they can offer to application development teams. According to Snyk, 80% of the code in today’s apps is open source.

Gartner notes in its Market Guide for Software Composition Analysis, that open source software is used in almost all organizations. It says this introduces easily exploitable vulnerability risks and creates larger attack surfaces through which malware and malicious code can access, compromising proprietary code and infrastructure, and also causing property exposures. legal and intellectual.

According to Snyk, the number of open source vulnerabilities has increased 2.5 times over the past three years, making improving security in the DevOps pipeline more important than ever. But he says process gaps, incompatible tool sets, and communication issues between SecOps and DevOps are commonplace.

This often means that security professionals can face an uphill battle and lack visibility into the risks associated with application creation time.

“Together, Snyk and Trend Micro are investing in the future of the cybersecurity industry, where security and development teams work effectively together to make their organizations more secure,” said Geva Solomonovich, CTO of Snyk’s Global Alliances.

“Snyks’ developer-first security technology from Trend Micro’s Cloud One enables more customers to tackle open source risks on a single platform, thereby minimizing the need to manage multiple vendors and tools. We look forward to continuing to work with Trend Micro to foster more innovative and efficient ways to solve key customer security issues. “

Most of the applications developed around the world over the past 25 years have been built using open source code. As the pressure to build and deliver new cloud native applications continues to increase, organizations often lose sight of old applications, their component inventories, and maintenance and update cycles, creating additional risks.

“With this unique solution, we are able to solve multiple problems and use technology to fill internal gaps,” said Kevin Simzer, COO of Trend Micro.

“This offering can save over 650 development hours per application through increased automation and help manage risk and liability with licensing requirements, it also gives security teams visibility into part of our code base.” functional that was not previously accessible. “

The service also enables SecOps to identify vulnerabilities and licensing issues. This can allow security teams to monitor, prioritize, and communicate the rates of risk and exposure within DevOps projects over time.

Here are some examples :

  • Data-driven security decisions
  • Continuous monitoring of threat levels
  • Effective prioritization of risks and remediation recommendations

Built-in automation can also help security teams quickly identify indirect open source dependencies that security and development teams may not be aware of in their applications.


Comments are closed.