UPDATED 15:19 EST / JANUARY 30 2018

GitLab picks up code security startup Gemnasium

San Francisco-based GitLab Inc. provides a code hosting platform that has been adopted by more than 100,000 organizations to manage their software projects. Now, the company is moving to make it easier for those customers to ensure that their applications don’t contain any security flaws.

GitLab announced today that it has acquired Gemnasium Inc., a maker of tools for identifying code vulnerabilities. Specifically, the startup’s namesake platform is designed to detect issues introduced into an application by way of open-source components. Practically every modern software project incorporates open-source elements because they save developers the hassle of re-implementing existing concepts.

Gemnasium’s platform can assess the security of external dependencies and check for new issues as those components are updated over time. If a vulnerability is found, a built-in alerting mechanism will notify developers of the problem. The offering also provides the ability to automatically download new versions of an open-source component when they become available.

Absorbing Gemnasium’s technology will enable GitLab to match a key feature offered by GitHub Inc., its top rival. The latter company launched a free tool not long ago that alerts developers if their software contains a security issue listed in the U.S. government’s National Vulnerability Database.

Gemnasium brings several features to the table that aren’t available in GitLab’s tool. GitLab is also absorbing the startup’s team, who will help integrate their technology into its code management platform.

The offering already includes a few security features. Earlier this month, for instance, GitLab rolled out a scanner for finding vulnerabilities in software container images.

The company provides other value-added features as well. As part of its efforts to gain an edge over GitHub, GitLab has implemented various automation capabilities meant to streamline application development. One of the newest is a performance testing tool that enables software teams to measure how fast a web service responds to browser requests.
