The latest cloud-native integration reduces barriers to DevSecOps entry for aviation and defense organizations, adding to existing support for Microsoft Azure DevOps and Amazon Web Services.
LDRA announced integration with GitLab to help developers continuously detect and remediate security issues in the software development lifecycle as early as possible. Combining LDRA’s static analysis, code coverage, and unit testing capabilities with GitLab’s AI-powered DevSecOps platform helps small- and medium-sized organizations “shift left” to secure coding practices to improve application security and time to market.
GitLab integration allows embedded software teams to identify security issues found by the LDRA tool suite without leaving their familiar cloud-native automation pipeline. As part of a robust DevSecOps program, LDRA’s analysis and testing capabilities continually assess operations and files on every code change, helping teams to centralize the reporting and management of security issues.
“The security landscape for aviation and defense applications changes daily, fuelled by unprecedented complexity and connectivity in today’s mission-critical systems,” said Ian Hennell, Operations Director, LDRA. “LDRA’s integration with GitLab offers a faster way to detect and remediate vulnerabilities across the entire code base by kicking off automated static analysis, code coverage, and unit testing without developers having to worry about it.
Security is Built-in, Not Bolted On
Integrating LDRA and GitLab brings development, security, and operations together to improve efficiencies and effectiveness from the start. Using the LDRA tool suite with a containerized build model within a GitLab pipeline, development teams ensure the analysis and testing of code security is fast, consistent, and repeatable. This also allows the execution of tasks in parallel, greatly accelerating vulnerability remediation and reducing time to market.
“Rapid and incremental software integration only works when you have rapid and comprehensive testing built into the development pipeline,” Hennell added. “The LDRA/GitLab integration optimizes DevSecOps practices right from the first code push and helps plug security holes throughout the product lifecycle.”
LDRA Tool Suite Supports Multiple On-premises, Cloud-native Deployment Options
In addition to GitLab, the LDRA tool suite supports other on-premises and cloud-native deployment options such as Wind River Studio, Amazon Web Services (AWS), and Microsoft Azure DevOps. These integrations meet developers where they code to support environment hardening and simplifying the achievement of security at scale.