ReversingLabs Launches Spectra Assure Community
June 26, 2024

ReversingLabs introduced Spectra Assure Community, a free community resource that makes it easy for software producers to quickly vet open source software packages by providing a comprehensive risk analysis.

Leveraging RL’s Spectra Assure software supply chain security solution, Spectra Assure Community enables developers, repository managers, and engineering teams, among others, to check more than 5 million code packages from open source repositories for malicious code, code tampering, suspicious behaviors, known vulnerabilities, license compliance issues, exposed secrets, and overall package health.

Spectra Assure Community provides a free risk assessment for open source components from the most popular package repositories such as npm, PyPi, and RubyGems. It provides a comprehensive risk assessment for software packages, offering visibility into threats, security, and compliance issues.

This community resource provides these unique insights of OSS packages with:

- Comprehensive analysis: Using Spectra Assure’s proprietary AI-driven complex binary analysis to analyze each component of a software binary for malicious code, tampering, or other risks or threats.

- Advanced threat detection: RL maintains the most complete and up-to-date corpus of malware in the world, which enables unique visibility and detection of emerging threats within OSS repositories.

- Standardized security assurance: The Spectra Assure Risk Assessment is presented in a normalized format for the selected package, allowing users to make a simple comparison.

Spectra Assure Community increases the build quality and security, saves time, and improves traceability to help any development organization deliver safe and on-time builds.

“We can no longer deny that software represents the largest under-addressed attack surface facing businesses today. The threats hiding among open source, proprietary, commercial and third-party code are leaving software producers and enterprise consumers at increasing risk,” said Tomislav Pericin, co-founder and chief software architect, ReversingLabs. “We are committed to helping developers make software safe for all with easily searchable, real-time threat intelligence data about software packages in open source repositories.”

Share this

Industry News

January 09, 2025

Checkmarx announced a new generation in software supply chain security with its Secrets Detection and Repository Health solutions to minimize application risk.

January 08, 2025

SmartBear has appointed Dan Faulkner, the company’s Chief Product Officer, as Chief Executive Officer.

January 07, 2025

Horizon3.ai announced the release of NodeZero™ Kubernetes Pentesting, a new capability available to all NodeZero users.

January 06, 2025

GitHub announced GitHub Copilot Free.

January 06, 2025

Veracode acquired certain assets of Phylum, including its malicious package analysis, detection, and mitigation technology.

January 06, 2025

AppViewX announced the completion of its acquisition by Haveli Investments.

December 19, 2024

Check Point® Software Technologies Ltd. has been recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for Email Security Platforms (ESP).

December 19, 2024

Progress announced its partnership with the American Institute of CPAs (AICPA), the world’s largest member association representing the CPA profession.

December 18, 2024

Kurrent announced $12 million in funding, its rebrand from Event Store and the official launch of Kurrent Enterprise Edition, now commercially available.

December 18, 2024

Blitzy announced the launch of the Blitzy Platform, a category-defining agentic platform that accelerates software development for enterprises by autonomously batch building up to 80% of software applications.

December 17, 2024

Sonata Software launched IntellQA, a Harmoni.AI powered testing automation and acceleration platform designed to transform software delivery for global enterprises.

December 17, 2024

Sonar signed a definitive agreement to acquire Tidelift, a provider of software supply chain security solutions that help organizations manage the risk of open source software.

December 17, 2024

Kindo formally launched its channel partner program.

December 16, 2024

Red Hat announced the latest release of Red Hat Enterprise Linux AI (RHEL AI), Red Hat’s foundation model platform for more seamlessly developing, testing and running generative artificial intelligence (gen AI) models for enterprise applications.

December 16, 2024

Fastly announced the general availability of Fastly AI Accelerator.