SAN FRANCISCO, June 12, 2023 – Cycode, the main utility safety platform, at present introduced the launch of Cimon, a seamless resolution that enhances the safety of CI/CD pipelines to stop software program provide chain assaults corresponding to those who focused SolarWinds and Codecov.
CI/CD pipelines at the moment lack visibility, making them essentially the most delicate hyperlink within the SDLC, and lots of organizations have hundreds of unmonitored pipelines susceptible to produce chain assaults. Cimon stops these assaults by using the revolutionary resolution of eBPF (prolonged Berkeley Packet Filter), a know-how that gives visibility into the construct system, together with thwarting malicious conduct, with minimal disruption.
With this visibility, Cimon can examine – community connections, working processes and file modifications inside the CI pipeline — to be taught commonplace behaviors. This data allows Cimon to detect and forestall abnormalities, together with real-time threats and zero-day assaults.
“We provide free and simple integration with many CI/CD instruments for organizations to safe their pipelines directly time or errors,” mentioned Ronen Slavin, co-founder and CTO of Cycode. “As Cimon saves time in vulnerability and risk response procedures, groups can implement and undertake safety measures with out fear of error or exhaustion.”
With Cimon, organizations can anticipate:
● Prevention of CI Assaults: With low effort and seamless integration, customers stay protected in opposition to all doable assaults on the CI pipeline, together with zero-day assaults
● On the spot Risk Detection: Cimon prevents assaults corresponding to malicious bundle set up, typosquatting, repojacking, dependency confusion, dependency hijacking and different dependency assaults
● Straightforward Integration: Cimon is developer pleasant and is well built-in with fashionable CI/CD instruments, complete documentation requiring minimal configuration and integration with the event atmosphere, corresponding to GitHub
Cimon is the brand new superhero for organizations’ CI/CD pipelines and is free to make use of. Extra details about Cycode and Cimon is offered on-line.
About Cycode
Cycode’s fashionable method to utility safety allows organizations to successfully safe their cloud-native functions with cost-efficient use of tooling and workers throughout the SDLC. The Cycode platform makes AppSec instruments higher by its Information Graph, which gives full context of the SDLC to enhance accuracy and scale back mean-time-to-remediation (MTTR). Cycode merges the highest eight AppSec instruments into the business’s most superior and complete AppSec platform. By correlating knowledge throughout these instruments Cycode affords new capabilities, like Pipeline Composition Evaluation which identifies weak dependencies and safety points missed by legacy instruments like SCA and SAST — throughout the complete SDLC; pinpoints weak dependency areas; and prioritizes threats by exploitability.
