Accurics has announced a technology partnership with GitLab, a single application for the DevOps lifecycle, as well as the general availability of its integration with GitLab’s Static Application Security Testing (SAST) solution.
The integration with GitLab will help Accurics provide DevSecOps teams with a holistic, contextualized view of application and infrastructure risks. Organizations can now establish and programmatically enforce consistent risk management policies throughout the Software Development Lifecycle (SDLC) while minimizing the effort and expense of manual triage and investigation.
The integration with GitLab helps Accurics users overcome these challenges by correlating IaC, cloud, and SAST vulnerabilities to help mitigate risk throughout the SDLC and generate a threat score.
This threat score can be used by policy guardrails established with Policy as Code, blocking the riskiest builds from being deployed into production while providing insight into less risky problems that don’t warrant breaking the build. As a result, developers are able to focus resources on remediating the most immediate threats first.
“The growing adoption of GitOps practices and Infrastructure as Code necessitates scalable risk management tools,” said Nima Badiey, Vice President, Global Alliances at GitLab. “The integration between GitLab and Accurics will help customers to programmatically define infrastructure and risk management policies more effectively throughout the software development lifecycle.”