DevOps platform provider GitLab acquires Peach Tech and Fuzzit
GitLab, a US-based DevOps platform provider, has acquired Peach Tech, a security software company that specializes in protocol fuzz testing and dynamic application security testing (DAST) API testing, and Fuzzit, a continuous fuzz testing solution that offers coverage-guided testing.
According to GitLab, the acquisitions will add fully-mature testing solutions, which include protocol fuzzing, DAST API testing, API fuzzing, and coverage-guided fuzz testing. The addition of these solutions is said to make GitLab’s DevSecOps offering the first security solution to provide coverage-guided and behavioral fuzz testing techniques and also as the first true DevSecOps platform to shift fuzz testing left with the new offerings being made available within the GitLab CI/CD environment.
The DevOps platform provider said that the addition of both coverage-guided and behavioral fuzz testing into the DevSecOps toolchain enables organizations in identifying vulnerabilities and weaknesses that traditional application security testing and quality assurance (QA) testing techniques usually miss as these findings may not be tied directly to a known vulnerability.
Sid Sijbrandij – CEO of GitLab said: “We believe GitLab provides best-in-class tools for the complete DevOps lifecycle on a single platform.
“Bringing the fuzzing technologies of Peach Tech and Fuzzit into GitLab’s security solutions will give our users an even more robust and thorough application security testing experience while enabling them to shift security left. This simultaneously simplifies their workflows and creates collaboration between development, security, and operations teams.”
After the full integration of the Peach Tech and Fuzzit technologies, GitLab Secure customers will no longer have to depend on standalone fuzz testing solutions to handle their application security testing requirements. Rather, they will have a completely-integrated security solution, from Auto DevOps deployment of security testing to vulnerability management and remediation.
Furthermore, the acquisitions are said to enable GitLab to fast track its roadmap for interactive application security testing (IAST) by extending Peach Tech’s DAST API security engine and the crash correlation technology from Fuzzit.
Michael Eddington – Peach Tech founder and CEO said: “Providing GitLab users with the best security testing tools is key to GitLab’s DevSecOps core mission.
“The integration of Peach Tech’s technologies expands GitLab’s shift security left capabilities making the future of security and DevSecOps a reality today for all GitLab users.”