2023: The start of the end for DevSecOps
2023 was a landmark year for patched, marking significant strides in our journey to revolutionize the way developers interact with code security and management. We launched the patched app in the fall and our platform has seen a plethora of enhancements, making it more robust, user-friendly, and integrated than ever before.
Patched Platform Enhancements
The patched platform, accessible at app.patched.codes, underwent transformative updates in Q4 of 2023. Key features include:
- Diverse Login Options: We introduced the flexibility to sign in using GitHub, GitLab, and Email/Password, catering to a wider range of user preferences.
- Organization Collaboration: Users can now invite others to their organization to view dashboards and results, fostering a collaborative environment.
- GitHub Marketplace: We launched a GitHub App so users can configure our services for their GitHub organizations seamlessly.
- PR Generation for Fixes: Users can now add patched to their Github to generate a PR with fixes, drastically reducing MTTR
- SonarCloud Integration: We integrated with SonarCloud for scanning, ensuring users have access to comprehensive code quality and security checks.
Patched CLI: Bridging Gaps
Our command-line interface, available at Patched CLI on PyPI, also received substantial upgrades:
- Enhanced Login Compatibility: Users can now log in to their Patched Platform account directly from the CLI.
- Wider Repository Support: We extended our support to GitLab.com, GitHub Enterprise, and Gitlab Enterprise repositories. Users can now automatically create PRs for their fixes on these repositories.
- CI/CD Integration: We added integration with continuous integration and continuous deployment pipelines, streamlining the patching process for users.
What to Expect in 2024
As we step into 2024, we're excited to unveil a roadmap that promises to make patched.codes even more versatile and privacy-conscious.
Upcoming Features in Q1 2024
- Anonymous Fixes: One popular feedback from our users is the preservation of privacy of their codes. To prioritize privacy, we're introducing anonymous fixes, ensuring the confidentiality of your code during the patching process.
- Customizable Patching Options: Users will have the ability to configure patching by ignoring specific folders, selecting Common Weakness Enumerations (CWEs), and filtering vulnerabilities based on severity/type.
- Full Support for Java and JavaScript: Expanding our language support, we'll provide comprehensive solutions for Java and JavaScript, two of the most widely used programming languages.
- SARIF Format Integration: The introduction of integration with any static analyzer via the SARIF (Static Analysis Results Interchange Format) will enhance our platform's adaptability and reach, allowing users to compare across results of various SAST tools.
- Billing and Subscription Options: We'll be rolling out flexible billing and subscription options, making our platform available to enterprise customers.
We are just getting started
While the last year was a period of incubation and innovation, we are thrilled to switch gears and go full throttle in 2024. With our upcoming features and enhancements, we are committed to delivering a platform that not only meets but exceeds the evolving needs of our users. Stay tuned for an exciting year ahead!