• Home
  • Press Releases
  • ZeroNorth Delivers New Capabilities to Rapidly Identify, Prioritize and Remove Vulnerabilities Standing in the Way of Software Excellence

ZeroNorth Delivers New Capabilities to Rapidly Identify, Prioritize and Remove Vulnerabilities Standing in the Way of Software Excellence

Publish Date

Oct 8, 2020

New enhancements empower organizations to maintain enterprise standards for application security while accelerating software delivery, without disrupting DevOps processes

Boston, October 8, 2020 – ZeroNorth, the only company to unite security, DevOps and the business for the good of software, today announced new innovative capabilities for its SaaS-based application security automation and orchestration platform. With these new capabilities, the ZeroNorth platform aims to remove friction between security and DevOps teams by making security integral and transparent within the software development life cycle. By doing so, ZeroNorth empowers developers to deliver the secure software required to drive business growth.

The new features include application portfolio reports and support for additional application scanning tools and toolchain integrations, such as Scout Suite, Aqua Trivy, Gitlab and BitBucket Server. These capabilities are ideally suited for organizations with distributed business lines and DevOps teams that are striving to gain a competitive edge in the current economic climate.

“The shift to DevOps means that both Security and Development must now play a critical role in the delivery of secure software,” said Christian J. van den Branden, Senior Vice President, Engineering & Product Management at ZeroNorth. “The ZeroNorth platform seamlessly integrates security throughout the software development lifecycle, empowering the Security team to own the enforcement of standards and reporting while liberating the development team to deliver secure software faster and more easily.”

ZeroNorth delivers a holistic view of application risk to help maintain enterprise standards
The new Application Portfolio report highlights the security policies applied to each application, scan results and progress of remediation work, and enables users to drill down from the big picture into details on a more granular level. This visibility ensures the CISO gains a holistic view of risk, while product security and engineering teams can implement application security based on the line of business (LOB) needs.

ZeroNorth adds new integrations to unburden developers
ZeroNorth makes application security programs transparent and friction free for developers so they can develop secure applications without changing their workflows or being flooded with non-priority tickets.

To this end, the ZeroNorth platform is enhancing its roster of leading commercial and open source application security tools with support for Scout Suite, an open source multi-cloud security-auditing tool which enables security posture assessment of cloud environments, and Aqua Trivy, a comprehensive open source vulnerability scanner for container images.

ZeroNorth is also expanding its DevOps toolchain integrations to further support development agility. With this new release, the ZeroNorth platform automatically integrates with, and can scan the contents of BitBucket Server and GitLab source code repositories including branches within both GitLab and GitHub repositories.

“Security teams struggle to keep pace with development, and historically, DevOps teams have neglected security to their peril. With disparate tools clouding the landscape, organizations have left themselves open to attack because of the lack of integration and scant visibility across hybrid environments,” commented Jim Mercer, Research Director at IDC. “The application security and risk management capabilities of the ZeroNorth platform provide a compelling value proposition to help DevOps teams optimize their DevSecOps effectiveness while improving velocity and reducing risk.”

ZeroNorth delivers new enhancements to accelerate pipeline velocity
ZeroNorth includes key new features that focus on providing greater flexibility to security and development teams, helping them deliver applications at greater velocity, including:

  • Customization of vulnerability data compression parameters, such as name and type of vulnerabilities, libraries included, etc.
  • Customization of alerts to meet the needs of the DevOps process and support data-driven business decisions in real time.

All new features and enhancements are generally available in the ZeroNorth platform.

About ZeroNorth
ZeroNorth brings security, DevOps and the business together to improve application security performance and reduce organizational risk. The company’s application security automation and orchestration platform unites enterprises to rapidly identify, prioritize and remove the vulnerabilities standing in the way of software excellence. In an age where the security of applications needs to be everyone’s responsibility, ZeroNorth is where organizations come together for the good of software. Learn more at www.zeronorth.io

Media Contact:
Dustin Rausa
Guyer Group


eBooks & Research Reports

How DevSecOps Analytics Solve the Biggest Hurdles of AppSec

When it comes to building out a robust AppSec program, and embarking on the journey toward DevSecOps, there is a lot to remember and just as ...

Read Now


Ramp Up Your AppSec Program with ZeroNorth DevSecOps Quick Start

Learn how ZeroNorth DevSecOps Quick Start is ideal for engineering and security teams who need a quick, easy and cost-effective way to jumpstart their AppSec program.

Read Now

Related Press Releases

84% of Security and Development Professionals Believe ‘Security Champions’ Programs Can Improve Relationship Between Security and DevOps Teams

By ZeroNorth Oct 21, 2020

New Survey Highlights Current State of Security Champions Programs, Value They Provide to Organizations During Digital Transformation Boston, MA – October 21, 2020 – At OWASP ...

Read More

The ZeroNorth DevSecOps platform offers options for your DevSecOps journey—getting started with AppSec, finding enterprise visibility or fully integrating security into DevOps.