The Silicon Review ^Asia

Tech giant IBM is looking forward to bring compliance and security analytics to DevOps. To achieve this, the company has newly added a Code Risk Analyzer feature to its IBM Cloud Continuous Delivery offering. The Code Risk Analyzer feature is what IBM describes as a security measure that can easily be configured to the developer’s code pipeline start, reviewing and analyzing the Git repos to identify issues with open source code. This new offering’s main idea is to help developers identify cybersecurity threats, resolve security issues of any kind, and prioritize the security problems. IBM’s Cloud Continuous Delivery strives hard to deliver necessary toolchains, control the software quality, and automate builds and tests with analytics.

The tech giant has stated that cloud-native practices like containers and microservices are significantly changing the compliance and security processes because it is not a feasible option to centralize the operations to manage application compliance and security. One of the main reasons why the developers are in need of cloud-native capabilities is due to the fact that Code Risk Analyzers can be used to embed into the already existing workflows. Cloud Risk Analyzers furthermore help the devs in ensuring compliance and security in the routine workflows.