Looking to bring security and compliance analytics to devops, IBM has added its Code Risk Analyzer capability to its IBM Cloud Continuous Delivery service.
Code Risk Analyzer is described by IBM as a security measure that can be configured to run at the start of a developer’s code pipeline, analyzing and reviewing Git repositories to discover issues with open source code. The goal is to help application teams recognize cybersecurity threats, prioritize application security problems, and resolve security issues. IBM Cloud Continuous Delivery helps provision toolchains, automate tests and builds, and control software quality with analytics.
