Codenotary Adds Free Scanning To Secure Open Source Supply Chains

Codenotary has announced the addition of a free background vulnerability scanning service combined with a free and open source Community Attestation Service (CAS) code signing and attestation service to further secure open source supply chains.

The addition of a free vulnerability service to CAS allows cloud native and open source projects to better secure their projects. This additional service scans assets (based on the hashes uploaded) for any known security vulnerability and provides alerts if problematic packages are found in the stack. CAS can also be used to “untrust” any problematic artifacts.

Anyone can start using CAS to ensure their open source software is secured for themselves and their users.

Codenotary gives developers a way to attach a Software Bill of Materials (SBOM) for development artifacts that include source code, builds, repositories, and more, plus Docker and Kubernetes container images for their software.

You may also like

Hammerspace wins 2024 IABM BaM Award

LF Energy leads digitalization efforts to tackle decarbonization challenges

Akamai’s API Security Product achieves PCI Compliance

Carbon Data Specification Consortium helps drive climate solutions with carbon data standardization

PRAGMA aims to foster Cardano’s growing open source ecosystem

22024 State of CI/CD Report shows continued high adoption of CD and DevOps practices