OpsMx has unveiled a brand new method to software safety with the launch of its Deployment Firewall. This firewall integrates into CI/CD pipelines and enforces software safety insurance policies when purposes are deployed, blocking releases if there’s a vulnerability or safety subject.
In line with OpsMx, latest software safety efforts throughout the trade have been specializing in the applying improvement course of. Whereas the corporate acknowledges this is a vital a part of software safety, it may be troublesome to then implement safety insurance policies as a result of obligations are unfold between distributed improvement groups with differing toolsets and working fashions.
“A deployment firewall provides organizations a less complicated, simpler method to implement their very own software program supply course of,” mentioned Gopal Dommety, CEO and founding father of OpsMx. “Organizations know what they should do for software safety and launch compliance, however are too typically caught with siloed knowledge and scattered groups working on an honor system. The deployment firewall combines wealthy knowledge units and good intentions to make safety insurance policies actionable.”
With the discharge of Deployment Firewall, firms now have a firewall that may consider purposes in opposition to a variety of insurance policies and block its launch if it doesn’t meet all the necessities. {Qualifications} it makes use of to find out if a launch ought to undergo embody manifest information, vulnerability scans, artifact integrity, infrastructure readiness, launch high quality and efficiency, and operational controls.
OpsMx supplies a set of firewall guidelines, and these will be prolonged or personalized by prospects.
These guidelines can be used to test compliance with well-liked frameworks, together with NIST 800, PCI, and HIPAA.
The instrument additionally supplies the choice to simulate deployments earlier than they’re able to be deployed, which permits purposes to be checked for compliance forward of time.
Deployment Firewall is part of the OpsMx Deploy Defend product, and will be added to present Jenkins, Argo, and Spinnaker implementations. The corporate additionally plans so as to add assist for GitHub Actions and GitLab sooner or later.