Mahindra Group Migrates Applications to Google Cloud

Mahindra Group migrates its business-critical applications to Google Cloud and revamps its DevSecOps capabilities. It includes SAP data warehouse and data lake on the cloud that helps businesses achieve customer-centricity, sustainability, process intelligence, and automation.

Group chief technology officer of the Mahindra and Mahindra, Mohit Kapoor, said, “A digital mindset is a front and center in every aspect of the Mahindra Group. We are building for the future with advanced cloud-based technologies and data-driven strategies to speed up decision making and maximize synergies across our business.”

The transfer will take place over the next three years, according to Mahindra Group, which has companies in farm equipment such as tractors, utility vehicles, IT, and financial services.

It aims to be able to better predict trends and consumer sentiments, accelerate product innovation and deliver personalized customer experiences by then, as well as simplify data administration, cut total cost of ownership, and increase security and governance.

Mahindra will also use Google Cloud’s site reliability engineering (SRE) and DevSecOps teams to bolster its own cloud engineering and cloud-native operations capabilities.

Mahindra’s shift to Google Cloud follows the establishment of its technology services division, which is focused on providing industry-specific capabilities in areas like precision agriculture and remote patient monitoring.

“By utilizing Google Cloud’s best-in-class infrastructure and data capabilities, we can innovate faster for competitive differentiation, advance our enterprise sustainability goals, and strengthen our talent pool by attracting the best tech talent in the industry,” added Mohit Kapoor, Group chief technology officer of the Mahindra and Mahindra.

Codenotary Cloud Detects Vulnerabilities In The System Development

Codenotary has released Codenotary Cloud, a low-cost way to identify where a vulnerability like Log4j resides.

Codenotary Cloud lowers the cost of detecting and analyzing unnecessary artifacts by up to 80%, ensuring compliance with the United States’ Executive Order on Improving National Cybersecurity.

Codenotary Cloud offers an end-to-end trusted software supply chain that is both authentic and trustworthy. It can scale to millions of integrity verifications per second and provides a way for developers to attach a tamper-proof SBOM for development artifacts such as source code, builds, repositories, and more, as well as Docker container images for their software and Kubernetes deployments. Customers, auditors, and compliance professionals can all see them right away through the SBOM.

The Co-founder and CEO, Codenotary, Moshe Bar said, “A vulnerability scan tells you a malware is present, but then the problem is you need to find all the places it exists and that can often take weeks or months. With Codenotary Cloud, it’s possible to do that in seconds – with the ability to create, track, and query your software including the Software Bill of Materials (SBOM).”

Most vulnerability scanners and major cloud-native continuous integration/continuous delivery (CI/CD) solutions can be fully integrated with Codenotary Cloud. The DevOps attestation service is available as a managed service on any cloud or host, or customers can host it themselves.

Frog Teams Up With Slack To Increase The Awareness About Key Software Development Events

JFrog has introduced a new Slack integrator For JFrog Artifactory and JFrog Xray. The new JFrog app for Slack enables developers to notify an extended team of stakeholders in real-time about significant software development events, such as new security vulnerabilities or licensing compliance violations, allowing them to optimize release cycles and reduce time-to-resolution.

“Collaboration has always been an integral part of DevOps, but when it comes to security-related events, you need to communicate early and often. We are thrilled to work with Slack – one of the world’s leading collaboration tools – on enhancing the way developers work today so they can deliver stronger features, faster releases, continuous updates, and improved security for their entire DevOps pipeline,” said Stephen Chin, vice president of Developer Relations, JFrog.

The JFrog app for Slack combines artefact management and security with operational efficiency to boost company results. It lets one or more Slack channels to receive notifications, information, and actions connected to specific software incidents. For example, developers can communicate vulnerability and licensing compliance notifications with a broader team of stakeholders directly from their workstations, based on policies set up in JFrog Xray.

The interactive notifications allow receivers to take action, such as create “ignore” rules, view details, and so on. From within the Slack channel, you can pause, delete, or invoke the JFrog Platform for more information about notifications.

Rezilion Secures $30 Million In Series A Funding to Automate DevSecOps

Rezilion, a cyber startup that uses automation to change DevSecOps, today received $30 million investment in Series A funding led by Guggenheim Investments. Current and former cybersecurity professionals and luminaries from Google, Microsoft, CrowdStrike, IBM, Cisco, PayPal, JP Morgan Chase, Nasdaq, eBay, Symantec, RedHat, RSA, and Tenable contributed to the round, as did new investment partners JVP and Kindred Capital.

With DevOps, code development has become fully automated, yet there is now a crippling bottleneck between engineering and security teams. Understanding, mitigating, and limiting the risk associated with the huge lines of code published by corporations every day is a constant problem, and it still involves extensive manual work by highly skilled engineers. As a result, businesses must choose between remaining secure and distributing products quickly.

Rezilion makes security as agile as DevOps by automating repetitive security bottlenecks. It is the only approach that significantly minimizes the amount of security effort necessary to deploy new digital products while maintaining the security of software platforms. Clients who use Rezilion’s vulnerability validation technology have decreased their patching backlog by more than 70% on average, freeing up important engineering resources to focus on product expansion.

“Rezilion’s product suite is a game changer for security teams. It creates a win-win, allowing companies to speed innovative products and features to market while enhancing their security posture. We believe Rezilion has created a truly compelling value proposition for security teams, one that greatly increases return on time while thoroughly protecting one’s core infrastructure,” said Rusty Parks, Senior Managing Director of Guggenheim Investments.

“At Rezilion, we are deeply committed to helping organizations drive their own innovation by reducing the resource drain, inaccuracies and operational friction created by manual security work. We know there’s never been a better time for organizations to experience what we call ‘trust in motion,’ or the peace of mind that comes from moving fast while staying safe and secure,” said Liran Tancman, co-founder and CEO of Rezilion. “

“Our technology brings developers and security teams together. This funding round will allow us to dramatically accelerate our vision by advancing product development and driving growth on a global scale,” says Shlomi Boutnaru, co-founder and CTO of Rezilion.

“Rezilion’s pioneering approach generates a host of benefits to meet the needs of CEOs, CIOs and CISOs, from expediting digital transformation, faster product rollouts and enhanced productivity and compliance to the adoption of state-of-the-art development best-practices and the guarantee of better security and improved ROI. Under the proven leadership of Liran and Shlomi, we look forward to expanding Rezilion’s markets and offerings to provide more value based on its unique technology,” stated Yoav Tzruya, General Partner at JVP.

The funds will be utilized to rapidly accelerate Rezilion’s go-to-market strategy, including partnering with other DevSecOps solution providers and expanding operations across the US and Europe. Additional product development attempts to bridge the gap between security and engineering, increasing the productivity of both teams so that software can be delivered on time and businesses can innovate more quickly.