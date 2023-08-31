Arnica, a leading behavior-based application security platform, has announced its integration with Bitbucket, the popular source code management solution owned by Atlassian. This partnership allows Bitbucket users to access Arnica’s comprehensive security toolset, making it the first pipelineless security solution to offer real-time security feedback and in-line pull request comments for Bitbucket users.

With over 15 million developers using Bitbucket, the integration with Arnica gives them access to essential security features such as code risk scanning and secret scanning. These capabilities include Static Application Security Testing (SAST), Infrastructure as Code (IaC) security scanning, Software Composition Analysis (SCA), and third-party package reputation scanning. Arnica also provides prioritization and product ownership to empower developers within their Bitbucket workflows.

One of the key benefits of Arnica’s pipelineless approach is its ability to provide developers with 100% coverage of their development ecosystem from day one. By detecting risks in real-time before the CI/CD pipeline, Arnica enables automated mitigation capabilities to address vulnerabilities promptly.

Arnica has been designed to optimize the developer experience. It seamlessly integrates into the developer’s environment, ensuring that code remains secure while maintaining development velocity. The platform also offers valuable context to developers by providing insights into recent code changes through ChatOps integrations with popular tools like Slack and Microsoft Teams. Additionally, Arnica provides developers with one-click automated mitigations for various risk types.

Nir Vatlman, CEO of Arnica, expressed excitement about the integration with Bitbucket, recognizing the platform’s growing user base and its commitment to continuous improvement. The addition of Arnica’s extensive security capabilities to Bitbucket is seen as a significant enhancement for developers relying on the platform for their source code management needs.

In summary, Arnica’s integration with Bitbucket brings pipelineless application security to the forefront. By providing real-time security feedback and in-line pull request comments, Arnica empowers Bitbucket users with comprehensive security measures that do not hinder development velocity.

Definitions:

– Pipelineless: A software development approach that removes the need for traditional continuous integration and deployment pipelines, allowing for real-time security feedback and automated mitigation capabilities within developers’ workflows.

– Static Application Security Testing (SAST): A method of security testing in which the source code or binary of an application is analyzed to identify potential vulnerabilities or weaknesses.

– Infrastructure as Code (IaC): A practice in which infrastructure is defined and managed through machine-readable code.

– Software Composition Analysis (SCA): A process of identifying and managing open-source components and their dependencies in a software application.

– ChatOps: A collaboration model that brings people, tools, and processes together through chat platforms, allowing for real-time communication and integration with various tools and services.

