Assembla-Kiuwan™ Integration Empowers Teams to Shift Left in DevSecOps

Ad blocking detected

Thank you for visiting CanadianInsider.com. We have detected you cannot see ads being served on our site due to blocking. Unfortunately, due to the high cost of data, we cannot serve the requested page without the accompanied ads.

If you have installed ad-blocking software, please disable it (sometimes a complete uninstall is necessary). Private browsing Firefox users should be able to disable tracking protection while visiting our website. Visit Mozilla support for more information. If you do not believe you have any ad-blocking software on your browser, you may want to try another browser, computer or internet service provider. Alternatively, you may consider the following if you want an ad-free experience.

Canadian Insider Ultra Club
$432/ year*
Daily Morning INK newsletter
+3 months archive
Canadian Market INK weekly newsletter
+3 months archive
30 publication downloads per month from the PDF store
Top 20 Gold, Top 30 Energy, Top 40 Stock downloads from the PDF store
All benefits of basic registration
No 3rd party display ads
JOIN THE CLUB

* Price is subject to applicable taxes.

Paid subscriptions and memberships are auto-renewing unless cancelled (easily done via the Account Settings Membership Status page after logging in). Once cancelled, a subscription or membership will terminate at the end of the current term.

Return to homepage
Apr 18, 2019 10:00 am
HOUSTON -- 

Idera, Inc., parent company of global B2B software productivity brands, today announced powerful new integration capabilities between its Assembla and Kiuwan™ products. The integration allows development teams on Assembla to “shift left” and further secure their software development lifecycle by automatically scanning code in their Assembla repositories with Kiuwan’s enterprise-grade application security testing engine.

Verizon's 2018 Data Breach Investigations Report1 found that attacks on web applications exploiting code-level or authentication mechanism vulnerabilities led to the highest number of breaches of all breach patterns. And according to the Ponemon Institute, the global average cost of a data breach is $3.86 million.2

Kiuwan provides an enterprise-grade, end-to-end, non-localized static code analysis (SAST) and code quality analysis (QA) platform. The Assembla-Kiuwan integration leverages Kiuwan’s SAST scanning engine to identify potential vulnerabilities and security threats in code, with the capability to scan more than 30+ languages, technologies, and frameworks.

Issues detected during weekly scans are automatically highlighted and recorded in a user’s Assembla code commit history, enabling them to drill down for further analysis without leaving the repository.

“Until now, Assembla users either weren’t doing any scanning at all, or they were using separate scanning tools that increased the potential for error in identifying and resolving vulnerabilities,” said Robert Warmack, general manager of Assembla. “Similarly, Kiuwan customers had to use a different system to securely store their source code, and spend time manually configuring the connection between the two systems to automate scanning. This integration pushes the envelope on the DevSecOps playbook, combining the premium capabilities of two world-class enterprise software development and security products.”

To enable scanning, Assembla users navigate to the Security Scan Results tab within their repository and check the “weekly code scan” box to turn the Kiuwan scanner ON. Once a week, the scanner will scan the code repository within the repository tool for potential vulnerabilities and security threats, and alert the user to any issues from within the Assembla repository tool.

All Assembla customers get access to five free vulnerabilities in each weekly scan. Teams with active subscriptions to both Kiuwan and Assembla receive unlimited results from the Kiuwan scanner while gaining access to Kiuwan’s powerful business analytics, flexible and comprehensive scanning settings, and notifications directly from the Kiuwan dashboard.

Kiuwan users can access this capability by starting a new trial account with Assembla and enabling the integration between Assembla and Kiuwan from their Assembla Integrations settings.

Additional Resources

Blog: https://blog.assembla.com/new-integration-shift-security-left-with-the-all-new-assembla-kiuwan-static-code-analysis.

Help article: https://articles.assembla.com/assembla-basics/how-to-use-kiuwan-code-security-scanner

About Assembla

Assembla's secure enterprise cloud version control solutions help developers minimize or eliminate vulnerabilities that can be exploited by hackers. From compliance to source code scanning, Assembla is the security-forward choice for developing, managing and shipping amazing software. Founded in 2005, Assembla has more than 5,500 customers across 157 countries, including Deutsche Telekom, Bayer, Kellogg’s, Oracle, Unity, Disney, Apple, Marketo and Salesforce. Assembla is a division of Idera, Inc. To learn more, visit https://www.assembla.com/home.

About Kiuwan

Kiuwan’s application security testing platform provides a complete overview and impact analysis of software architecture in just minutes, reducing risk and improving change management and DevOps processes. The solution integrates with leading IDEs, build systems, bug tracking tools and repositories to detect and eliminate vulnerabilities, and provide full compliance with security standards. Kiuwan has more than 200 customers in 25 countries. Kiuwan is a division of Idera, Inc. To learn more, visit https://www.kiuwan.com/.

1 https://enterprise.verizon.com/resources/reports/dbir/

2 https://www.ibm.com/security/data-breach

Cybele Diamandopoulos
FOLIO Communications Group, LLC
[email protected]
512-535-4422

Comment On!

140
Upload limit is up to 1mb only
To post messages to your Socail Media account, you must first give authorization from the websites. Select the platform you wish to connect your account to CanadianInsider.com (via Easy Blurb).
LinkedIn
StockTwits
Twitter