LambdaTest announced the launch of the HyperExecute MCP Server, an enhancement to its AI-native test orchestration platform, HyperExecute.
Codenotary Releases TrueSBOM for Serverless
November 29, 2022
Codenotary announced TrueSBOM for Serverless, a self-updating Software Bill of Materials (SBOM) for applications running on AWS Lamda, Google Cloud Functions and Microsoft Azure Functions that is made possible by simply adding one line to the application source code.
With TrueSBOM, applications self-report their components so that the SBOM always remains up-to-date. That is really the only way to create an SBOM for serverless applications. Otherwise, SBOMs are created as a snapshot in time that shows the list of components when the application is created. But, because serverless apps are created ‘on-the-fly’ each time they are invoked, the traditional way of creating SBOMs was useless – requiring the SBOM to be maintained every time. The patent-pending Codenotary technology changes all of that.
“The real-time update capability of our TrueSBOM technology makes it possible to generate an SBOM for serverless apps, which previously was almost impossible leaving organizations with a gaping security hole,” said Dennis Zimmer, co-founder and CTO, Codenotary. “Now, with TrueSBOM it’s possible to generate the list of ingredients that make up the application in real-time adding a new level of security to serverless applications.”
The new TrueSBOM for Severless helps enterprises comply with the US Executive Order on Improving the Nation’s Cybersecurity, which includes maintaining a Software Bill of Materials (SBOM), as well as the SLSA security framework to ensure trust in the software supply chain.
TrueSBOM guarantees that the SBOM for a serverless application is always a true reflection of its components – and that the SBOM is not just a text file that is stored separately from the application, but rather it’s part of the application itself that export on request its own SBOM or list of ingredients. This is critical for modern applications like serverless that self-update, where relying on an external SBOM generation at build-time would not pick up the new updates.
In addition, TrueSBOM allows the enrichment of the SBOM with vulnerability scanner results or trust and integrity information. TrueSBOM keeps the list of contents in an app up-to-date at all times providing a level of security that was previously near impossible to attain.
TrueSBOM for Serverless is available now.
Industry News
April 14, 2025
Cloudflare announced Workers VPC and Workers VPC Private Link, new solutions that enable developers to build secure, global cross-cloud applications on Cloudflare Workers.
April 14, 2025
Nutrient announced a significant expansion of its cloud-based services, as well as a series of updates to its SDK products, aimed at enhancing the developer experience by allowing developers to build, scale, and innovate with less friction.
April 10, 2025
Check Point® Software Technologies Ltd.(link is external) announced that its Infinity Platform has been named the top-ranked AI-powered cyber security platform in the 2025 Miercom Assessment.
April 10, 2025
Orca Security announced the Orca Bitbucket App, a cloud-native seamless integration for scanning Bitbucket Repositories.
April 10, 2025
The Live API for Gemini models is now in Preview, enabling developers to start building and testing more robust, scalable applications with significantly higher rate limits.
April 09, 2025
Backslash Security(link is external) announced significant adoption of the Backslash App Graph, the industry’s first dynamic digital twin for application code.
April 09, 2025
SmartBear launched API Hub for Test, a new capability within the company’s API Hub, powered by Swagger.
April 09, 2025
Akamai Technologies introduced App & API Protector Hybrid.
April 09, 2025
Veracode has been granted a United States patent for its generative artificial intelligence security tool, Veracode Fix.
April 09, 2025
Zesty announced that its automated Kubernetes optimization platform, Kompass, now includes full pod scaling capabilities, with the addition of Vertical Pod Autoscaler (VPA) alongside the existing Horizontal Pod Autoscaler (HPA).
April 08, 2025
Check Point® Software Technologies Ltd.(link is external) has emerged as a leading player in Attack Surface Management (ASM) with its acquisition of Cyberint, as highlighted in the recent GigaOm Radar report.
April 08, 2025
GitHub announced the general availability of security campaigns with Copilot Autofix to help security and developer teams rapidly reduce security debt across their entire codebase.
April 08, 2025
DX and Spotify announced a partnership to help engineering organizations achieve higher returns on investment and business impact from their Spotify Portal for Backstage implementation.
April 07, 2025
Appfire announced its launch of the Appfire Cloud Advantage Alliance.
