Parasoft announces the opening of its new office in Northeast Ohio.
Codenotary Cloud Adds New Features
March 15, 2022
Codenotary announced new features in Codenotary Cloud that provide all-in-one, end-to-end software supply chain security and DevSecOps.
This latest version includes Codenotary’s own vulnerability scanning, in addition to the ability to integrate with other vulnerability scanners, which means Codenotary Cloud now provides assurance of a fully-trusted, tamper-proof software supply chain – from checking for vulnerabilities to cryptographic verification and ensuring the provenance of software artifacts and then tracking those in inventory in a Software Bill of Materials (SBOM). In addition, further enhancements have been made to Codenotary Cloud capabilities including extending the existing trust/untrust functionality to now allow policy enforcement that provides full protection in DevOps deployments.
Codenotary Cloud, first announced last month, reduces the cost to almost instantly identify and remove unwanted artifacts by up to 80% and delivers compliance with the U.S. Executive Order on Improving the Nation’s Cybersecurity.
“Our cloud service delivers simplicity combined with the industry’s most sophisticated capabilities for assuring a secure software supply chain,” said Moshe Bar, co-founder and CEO, Codenotary. “It is immutable and tamper-proof providing users with full trust in the essential software they rely on to run their businesses. That is not trivial in today’s world where software supply chain attacks like log4j and SolarWinds have had far-reaching consequences.”
Codenotary Cloud provides an end-to-end trusted software supply chain with integrity and authenticity. It can be scaled to millions of integrity verifications per second and gives developers a way to attach a tamper-proof SBOM for development artifacts that include source code, builds, repositories, and more, plus Docker container images for their software and Kubernetes deployments. The SBOM can make those instantly visible to customers, auditors and compliance professionals. It is built without uploading any data to the service, instead notarizing these artifacts using tamper-proof cryptographic verification to uniquely identify development artifacts. Each artifact retains a cryptographically strong identity stored inside immudb the open source immutable database developed by Codenotary.
With Codenotary Cloud it’s possible to maintain trust status at the level of each individual artifact at scale. Codenotary Cloud provides tools for notarization and verification of the software development lifecycle attesting to the provenance and safety of the code.
Codenotary Cloud can be integrated with popular cloud-native continuous integration / continuous delivery (CI/CD) systems. The DevOps attestation service runs on any cloud or host as a managed service or customers can host themselves.
Industry News
May 02, 2024
Postman released v11, a significant update that speeds up development by reducing collaboration friction on APIs.
May 02, 2024
Sysdig announced the launch of the company’s Runtime Insights Partner Ecosystem, recognizing the leading security solutions that combine with Sysdig to help customers prioritize and respond to critical security risks.
May 02, 2024
Nokod Security announced the general availability of the Nokod Security Platform.
May 02, 2024
Drata has acquired oak9, a cloud native security platform, and released a new capability in beta to seamlessly bring continuous compliance into the software development lifecycle.
May 01, 2024
Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
May 01, 2024
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
May 01, 2024
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
May 01, 2024
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
May 01, 2024
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
April 30, 2024
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
April 30, 2024
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
April 30, 2024
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
April 29, 2024
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
April 29, 2024
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.
