Codenotary First to Provide Search Capability for Software Artifacts and SBOMs
Ability to quickly mitigate risks by sifting through billions of software artifacts, measure their risk score, and take action on issues
Codenotary, leaders in software supply chain protection, announced that the company’s leading product, Trustcenter v3.0, is the first to add a pervasive search capability to find software artifacts that may present problems, along with their change history including the runtime of a container.
Latest Aithority Insights : Adobe Target Announces New AI-enriched Enhancements for Multi-channel Personalization
“Deep search capability can be used as part of an organization’s compliance, auditing, and forensics activity to maintain a secure software supply chain. It can reduce the time to identify and resolve issues from months to minutes.”
Until now, organizations with millions or billions of artifacts had no way to efficiently sift through all their software code when a new problem is identified – sometimes taking months to identify and resolve vulnerabilities. Codenotary’s Trustcenter enables quick ad hoc querying of the status of a single or multiple artifacts and their change history, either from a command line tool or from a graphical user interface.
“We are making Software Bill of Materials (SBOMs) actionable. Without search, SBOMs and code signing information is not very useful,” said Dennis Zimmer, co-founder and chief technology officer at Codenotary. “Deep search capability can be used as part of an organization’s compliance, auditing, and forensics activity to maintain a secure software supply chain. It can reduce the time to identify and resolve issues from months to minutes.”
Browse The Complete News About Blockchain : Blockchain Partnership: PraSaga and Metahug Gamify Web3 Education Via Roblox
Codenotary’s Trustcenter v3.0 can be used to secure all stages of a CI/CD (continuous integration/continuous delivery) pipeline. With attestation (notarization and authentication) of every step in the pipeline, that includes vulnerability scanner results, and evidence maintained in a tamper-proof and immutable service, makes it possible to reach and track Level 1 up to 4 of the SLSA (Supply-chain Levels for Software Artifacts) standard.
Codenotary provides tools for notarization and verification of the software supply chain attesting to the provenance and safety of the artifacts. The company provides an indelible solution for processing millions of transactions per second, on-premises or in the cloud, and with cryptographic verification. It gives DevOps a way to generate and attach and link an actionable SBOM for software artifacts that include source code, builds, repositories, and more, plus container images for their software. Trustcenter is the first to track changes in a SBOM during the runtime of a container.
Storing all of this in an immutable database is key to making this information trusted and usable for compliance, audits, and forensics. Codenotary is the primary maintainer of immudb, the first and only open source enterprise-class immutable database with data permanence at scale for demanding applications — up to billions of transactions per day. There have been more than 15 million downloads of immudb to date, which serves as the foundation for the company’s supply chain security products.
Next-gen AI-On-Demand Platform : European Commission Pumps in $9.15 Million to Develop Next-gen AI-On-Demand Platform
[To share your insights with us, please write to sghosh@martechseries.com]
Comments are closed.