Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

Scribe Security Releases Code Integrity Validator Alongside Github Security Open Source Project

Scribe Security, a leading software supply chain security solutions provider, announced the release of Scribe Integrity, a code integrity validator that authenticates open-source and proprietary source code, and an integral building block of its platform solving the software supply chain security challenge. Scribe Integrity provides developers with an added layer of visibility, allowing developers peace of mind that the code they are using is safe. Scribe is simultaneously introducing its open-source Github security project, GitGat.

In 2021, software supply chain (SSC) attacks more than tripled, with recent attacks on SolarWinds, CodeCov, and Log4Shell underscoring the growing risk of such attacks to enterprises.

Recommended AI News: FoundriesFactory Supports Arm’s Project Cassini for Secure Production Edge Deployments

DevSecOps and security teams often focus on software vulnerabilities, overlooking the risk of tampering with software in the build process. Scribe bridges this gap in a practical manner by providing a convenient work tool that automatically reports integrity validation within a trusted software bill of materials  SBOM.

Scribe leverages the principle of ‘hash everything, sign everything’, utilizing open-source intelligence that it collects on open-source dependencies. In this first release, Scribe’s solution addresses the widely used Node.js and the popular npm package manager, which have recently suffered from a multitude of attacks.

Related Posts
1 of 40,645

Recommended AI News: Complete Verkada Platform is Now Available Across the UK and Europe

Scribe’s additional release, GitGat, is a Policy-as-Code tool, utilizing Open Policy Agent (OPA), an open source project, that addresses users’ security posture. GitGat allows users to periodically run reports to gain insight into the changing security landscape of the organization. As GitGat evolves, it will cover more parts of the CI/CD toolchains.

“As software supply chains are an overlooked corner of the cyber world, they have become an increasingly attractive attack vector for hackers,” said Scribe CEO and Co-founder, Rubi Arbel. “We are excited to be introducing a developer-first, practical tool that will give DevSecOps and security practitioners the assurance they need to trust the software they build and use.”

Recommended AI News: Blotout Announces New Partnership with Fastly to Improve Meta Ad Spend with Blotout’s EdgeTag

[To share your insights with us, please write to sghosh@martechseries.com]

Comments are closed.