Under the partnership, the two companies will jointly develop and sell new software and services for IBM’s Cloud Managed Services on z Systems, or zCloud, which targets compute-intensive and business-critical workloads and gives them cloud-like flexibility.
“The mainframe was the cloud before there was cloud,” said Barry Becker, vice president of hybrid cloud services at IBM. “zCloud is a mainframe-as-a-service model. It has elasticity, on-demand, consumption-based pricing model, and [it] supports customers deploying these new services.”
Also at the summit, the company provided an update about its application security products.
In April, CA Technologies acquired SourceClear, a startup whose technology automates security checks into DevOps workflows by scanning for open source code vulnerabilities before developers ship code. At the time, CA said it would fully integrate the technology into the Veracode cloud platform. Veracode is the application security company CA bought a year ago.
The company scooped up SourceClear for a couple of reasons, said Sam King (pictured), GM of CA Veracode. “One: if our value proposition is to make sure the software [customers] are buying is secure, how can we do that without giving them some sense of security in the open source code they are using in their applications? And second: SourceClear’s focus around providing security solutions for open source was very much coming at it from the point of view of DevOps,” she said. “SourceClear provides a very good solution when it comes to DevSecOps with respect to open source.”
The combination of the two technologies, now called CA Veracode SourceClear, supports DevSecOps — integrating security with DevOps — by enabling companies to use open source libraries to accelerate software development without adding unmanaged risk, King explained.
VMware is a SourceClear customer. Wael Ghandour, a security engineer at VMware, said developers want to rapidly build and deploy modern applications, and open source libraries enable this. “But the downside to it is you’re moving at such a speed where traditional security processes start to break down,” he said, adding that SourceClear’s technology makes application security “frictionless.”
“You don’t want it to be something where developers feel it will add unnecessary overhead,” Ghandour said.
Here are some of the other product updates CA rolled out at the event:
CA Digital Operational Intelligence, a machine learning product that provides insights by automatically ingesting cross-domain data from IT operations tools. It’s powered by CA Jarvis, the company’s analytics platform, and it uses algorithmic intelligence to identify the problem root cause, measure and improve business service levels, improve cost and resources utilization, and proactively detect and remedy potential problems.
CA Project & Portfolio Management’s newest version introduces a strategic planning capability with a road-mapping module for top-down visual planning and collaboration.
CA Automic One Automation Platform targets the ops in DevOps with new lifecycle management of automation artifacts, intelligent critical-path management, and support for PostgreSQL. It also supports shift-left automation capabilities for developers with new automation-as-code functionality, and connects automation silos with new integrations for CA Workload Automation, CA Continuous Delivery Director, and CA Jarvis to deliver powerful analytics capabilities.
Photo: Sam King, GM of CA Veracode discusses application security at the company’s Built to Change summit.