ActiveState builds and fervently maintains a curated catalog of trusted artifacts that meets the requirements for Supply Chain Levels for Software Artifacts (SLSA) level 4, including software bill of materials (SBOM) and attestations, to proactively secure customers' software supply chains.

ActiveState adds open source attestations, alongside its existing software bill of materials (SBOM) capabilities, to enable customers to comply with White House orders regarding software supply chain security.

In addition, ActiveState's secure build service delivers isolated, ephemeral, hermetic and verifiably reproducible builds from source code, so developers no longer need to install potentially compromised binaries or deal with security issues.

The White House order applies to more than just government suppliers. Since it includes software that touches government data or systems in any way, it actually affects all upstream and downstream suppliers, as well. That means the order affects the majority of the software development market.

While some very large organizations may have the systems and processes in place to comply with the order, this will be an expensive process for everybody else because most organizations do not meticulously track open source provenance. This puts them at serious risk for missing the White House deadline for compliance.

The ActiveState Platform solves this problem automatically by building every artifact from source with a cloud-scale vendoring solution to deliver:

Automated solving and management of complex open source dependencies

As a result, employing ActiveState as a trusted vendor takes the time, hassle, and risk out of using open source, enabling software vendors to secure their supply chain and comply with even the most stringent security requirements.

Loreli Cadapan, Vice President, Product, ActiveState, said: "We believe the White House order signals a larger trend that will soon become industry standard. That's why today's announcement is so important. By delivering attestations for all open source packages, ActiveState enables software vendors to verify that their application has been built in a secure manner using an untampered process for producing trusted artifacts and binaries."

Try the ActiveState Platform by signing up for a free ActiveState account. To reap the benefits of attestations, SBOM and ActiveState's secure build service, contact us to learn about our Enterprise Tier subscription. Register for the webinar on New and Emerging Requirements for Software Vendors.