StackRox today added additional DevSecOps workflow capabilities to its security platform that runs natively on Kubernetes platforms.

IT teams can now identify vulnerabilities in active software dependencies during runtime and scan for vulnerabilities in container images that have no base operating system.

Remediation efforts can now be prioritized based on vulnerability scores. The StackRox Kubernetes Security Platform surfaces recommendations so teams can identify the most efficient and effective course of action for threat remediation. They can also track mean time to remediation and refine and improve procedures and processes as teams gain DevSecOps expertise.

In addition, the StackRox Kubernetes Security Platform can now discover vulnerabilities in container images within .NET Core and ASP.NET Core frameworks.

Finally, StackRox has added integration with AWS Security Hub, Google Artifact Registry, Splunk and Red Hat OpenShift Admission Controller. Red Hat announced earlier this month it is acquiring StackRox . After the acquisition is completed, the StackRox portfolio of container security software will be made available as open source software.

David Van Everen, vice president of marketing for StackRox, says integration with platforms IT organizations rely on to manage application development and IT infrastructure is critical, because it surfaces container security insights within an existing workflow rather than requiring IT teams to log into a separate platform.

In general, Van Everen says the “shift left” of application security responsibility occurs at a time when organizations are also embracing microservices, built using containers, to build and deploy cloud-native applications. That shift is creating a unique opportunity for those organizations to embrace DevSecOps best practices, as the processes for building those types of applications are still being defined, Van Everen says. The goal is to enable organizations to continuously apply and enforce security policies as those applications are constructed and deployed, Van Everen says.

IT organizations making that transition should foster increased collaboration between developers and cybersecurity teams, Van Everen says. Kubernetes, by default, is insecure, so it’s up to each organization to learn what controls need to be applied, he says.

The StackRox Kubernetes Security Platform runs natively on Kubernetes, which Van Everen says eliminates the need to rely on proxies or container sidecars that are cumbersome to deploy and manage. However, securing Kubernetes platforms remains a specialized skill that IT organizations need to acquire, Van Everen says.

Significant progress is being made toward achieving DevSecOps, Van Everen says, but most organizations are still a long way from completely embedding security workflows within their DevOps processes. The challenge in the context of a Kubernetes environment is enabling IT teams to achieve that goal with the least amount of friction, Van Everen says.

The shift to DevSecOps will soon require security to be embedded within those workflows. As organizations embrace microservices to drive digital business transformation, initiatives that rely on platforms such as Kubernetes will find the security stakes are too high to ignore.

The post StackRox Adds Workflows to Advance DevSecOps on Kubernetes appeared first on Artificial Intelligence.

Amazon Web Services Inc. today debuted a suite of Contact Center Intelligence services that customers can use to add more intelligence to their contact center operations.

AWS CCI is a combination of services that enables companies to bring machine learning capabilities including text-to-speech, language comprehension, translation, enterprise search, business intelligence and chatbots to their contact centers. These capabilities can be used to help with tasks such as self-service, live-call analytics and agent assist, and post-call analytics, Amazon said.

In a blog post, AWS developer advocate Alejandra Quetzalli said the AWS CCI services are being made available through partners such as Genesys Telecommunications Laboratories, Inc., Vonage Holdings Corp. and UiPath Inc. and integrated with existing enterprise contact center systems.

The services are designed to aid companies in various aspects of their contact center workflows, Quetzalli said.

For example, the Self-Service solution is meant to help companies create chatbots and interactive voice response systems that can handle some of the most common queries contact centers receive, enabling human operators to focus on other tasks. Quetzalli said customers will need to employ this capability with the company’s Amazon Lex service for building chatbots, and Amazon Kendra, an enterprise search service the chatbots can use to find the answers to people’s queries.

“The novelty of this solution is that Lex + Kendra not only fulfills transactional queries (i.e. book a hotel room or reset my password), but also addresses the long tail of customers questions whose answers live in enterprises knowledge systems,” Quetzalli said.

Meanwhile, Live Call Analytics & Agent Assist enables contact center staff to get a better understanding of what a caller is asking for. The service relies on Amazon Transcribe for real-time speech transcription and Amazon Comprehend to analyze conversations to detect caller’s sentiments and any key phrases that might be pertinent. In addition, Live Call Analytics & Agent Assist can tap into Amazon Translate if the caller is unable to speak the operator’s language.

Finally, the Post-Call Analytics tool carries out automatic analysis of call center conversations and provides insights that can be used to improve the service they offer. It also leverages Amazon Transcribe and Amazon Comprehend, as well as Amazon Kendra.

The post AWS announces AI tools to assist contact center workflows appeared first on Artificial Intelligence.