ReversingLabs introduced Spectra Assure Community, a free community resource that makes it easy for software producers to quickly vet open source software packages by providing a comprehensive risk analysis.
Leveraging RL’s Spectra Assure software supply chain security solution, Spectra Assure Community enables developers, repository managers, and engineering teams, among others, to check more than 5 million code packages from open source repositories for malicious code, code tampering, suspicious behaviors, known vulnerabilities, license compliance issues, exposed secrets, and overall package health.
Spectra Assure Community provides a free risk assessment for open source components from the most popular package repositories such as npm, PyPi, and RubyGems. It provides a comprehensive risk assessment for software packages, offering visibility into threats, security, and compliance issues.
This community resource provides these unique insights of OSS packages with:
- Comprehensive analysis: Using Spectra Assure’s proprietary AI-driven complex binary analysis to analyze each component of a software binary for malicious code, tampering, or other risks or threats.
- Advanced threat detection: RL maintains the most complete and up-to-date corpus of malware in the world, which enables unique visibility and detection of emerging threats within OSS repositories.
- Standardized security assurance: The Spectra Assure Risk Assessment is presented in a normalized format for the selected package, allowing users to make a simple comparison.
Spectra Assure Community increases the build quality and security, saves time, and improves traceability to help any development organization deliver safe and on-time builds.
“We can no longer deny that software represents the largest under-addressed attack surface facing businesses today. The threats hiding among open source, proprietary, commercial and third-party code are leaving software producers and enterprise consumers at increasing risk,” said Tomislav Pericin, co-founder and chief software architect, ReversingLabs. “We are committed to helping developers make software safe for all with easily searchable, real-time threat intelligence data about software packages in open source repositories.”
Check Point® Software Technologies Ltd. announced that it has been recognized as a Visionary in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms.
Check Point Harmony Endpoint is shaping the future of workspace security with flexible deployment options and a unified security approach, offering robust endpoint protection tailored to organizations of any scale.
Harness expanded its strategic partnership with Google Cloud, focusing on new integrations leveraging generative AI technologies.
OKX announced the launch of OKX OS, an onchain infrastructure suite.
Elastic, the Search AI Company, announced the Elasticsearch Open Inference API now supports the Gemini Developer API.
Cirata announced a new release of Cirata Subversion MultiSite Plus, a DevOps solution that enables distributed teams to securely collaborate as one with no downtime or disruption.
Crowdbotics announced the availability of new capabilities of its AI-powered application development platform, aimed at addressing the most significant challenges in the application development industry.
Cloudflare announced powerful new capabilities for Workers AI, the serverless AI platform, and its suite of AI application building blocks, to help developers build faster, more powerful and more performant AI applications.
Codefesh has announced the general availability of enterprise support for Argo CD, Argo Workflows, Argo Rollouts, and Argo Events to all Argo users.
Harness announced a new product release featuring a multi-agent AI architecture designed to revolutionize workflows, increase productivity, and enhance the work experience for software developers globally.
Salt Security announced its integration with Google Cloud's Apigee API Management platform.
System Initiative announced the general availability of its technology for DevOps Automation.
Diagrid announced the public beta of Catalyst, which extends open source Dapr beyond Kubernetes to include major cloud compute platforms – making it easier to create microservice applications.
Sencha announces the launch of two innovative products: ReExt and Rapid Ext JS.
Kobiton announces its plans to provide mobile app developers with new AI-enabled testing tools.
Progress announced that Progress® Semaphore™, its metadata management and semantic AI platform, has been named the Leader and a Gold Medalist in Info-Tech Research Group's 2024 Metadata Management Data Quadrant.
