
Scribe Security and illustria Partner to Elevate Software Supply Chain Security and Open Source Dependency Management

Scribe Security partners with illustria to offer enhanced software supply chain security, including improved curation and monitoring of open-source dependencies

TEL AVIV, ISRAEL, September 10, 2024 /EINPresswire.com/ -- Scribe Security, a leading vendor and innovator in state-of-the-art software supply chain security platforms, has partnered with illustria, a pioneering OSS risk and intelligence solution provider, to deliver a powerful solution that extends security coverage to include enhanced curation and monitoring of open-source software (OSS) dependencies. This collaboration equips organizations with a cutting-edge toolset for managing and securing OSS components across the entire software development lifecycle.

Scribe Security offers extensive capabilities to protect the software supply chain, including Software Composition Analysis (SCA), Software Bill of Materials (SBOM) generation and management, Software Development Life Cycle (SDLC) policy guardrails, anti-tampering controls, in-toto attestations, and continuous monitoring from development to production. These measures safeguard all phases of the software lifecycle against vulnerabilities and security threats.

Complementing Scribe's offerings, illustria brings its expertise to OSS dependency curation. It focuses on risk behavior analytics of OSS projects by assessing over 60 different risk factors. This real-time evaluation ensures that risk assessments remain up-to-date and relevant. illustria correlates data from multiple sources, including domain reputation and standard OSS information, to provide a detailed understanding of potential risks. The company's risk models, driven by rules and machine learning, detect patterns associated with known attacks on OSS projects, enabling proactive risk management.

Together, Scribe Security and illustria present a solution that utilizes a behavioral and rule-based dependency firewall across crucial stages of the software development and deployment process:

Developer and Build Gates: Early identification of risky OSS dependencies helps prevent their inclusion in the build, enhancing security from the start.
Admission Control: Strict checks during deployment ensure that only secure and vetted components are permitted into production environments.
Post-Deployment Monitoring: Continuous surveillance of deployed components provides alerts on any changes in the status of OSS dependencies in the SBOM, allowing swift detection of and response to new vulnerabilities or security issues.

This partnership is also highly beneficial for software consumers who must evaluate packaged software from third-party vendors. By leveraging Scribe Security’s SBOM capabilities and illustria’s real-time OSS dependency risk analysis, organizations can effectively assess the security and integrity of third-party software packages before deployment, ensuring compliance with stringent security standards and reducing potential risks associated with external software.

"Combining illustria’s real-time OSS dependency curation with Scribe’s comprehensive security tools allows us to offer a solution that significantly enhances protection against software supply chain threats," said Rubi Arbel, Co-founder and CEO of Scribe Security. "Organizations can efficiently manage risks, maintain a high level of oversight, and confidently evaluate the security of software provided by third-party vendors."

"Our partnership with Scribe Security marks a major advancement in securing software supply chains," said Idan Wiener, CEO and Co-founder of illustria. "By integrating our advanced risk behavior analytics with Scribe’s extensive attestation-based security approach, we provide organizations with the necessary tools to protect against cyber threats and to assess the security of vendor-supplied software with confidence."

About Scribe Security
Scribe Security is committed to delivering top-tier software supply chain security solutions. The Scribe Trust Hub, a SaaS platform, enables software producers to develop products that are secure by default and control all risk aspects in their software factory. It also gives software consumers transparency, risk control, and trust. Scribe supports SBOM generation, vulnerability management, continuous code signing, integrity and provenance checks, and SDLC governance and compliance, ensuring the security and reliability of software products. For more information, visit Scribe Security.

About illustria
Illustria (https://illustria.io/) specializes in open-source security and offers advanced capabilities in OSS dependency curation. It helps organizations securely use open-source components by evaluating numerous real-time risk factors. illustria’s solutions integrate with existing security infrastructures, providing ongoing monitoring and risk assessments for OSS projects.

Key Takeaways:
The partnership merges Scribe Security’s comprehensive software supply chain security continuous assurance capabilities with illustria’s real-time OSS dependency curation, providing a practical approach to managing and securing open-source components.

Organizations using this integrated solution can efficiently manage risks associated with OSS dependencies, leveraging real-time analytics and monitoring to address known and emerging threats.

The combined offering deploys a behavioral and rule-based dependency firewall throughout the software development and deployment process, strengthening security from development to production.

This collaboration also serves software consumers by enabling thorough evaluations of packaged software from third-party vendors, helping meet strict security standards, and reducing risks associated with external software sources.

Through this partnership, Scribe Security and illustria solidify their positions as leaders in software supply chain security, offering innovative solutions that protect digital assets, foster secure development practices, and enable informed decisions regarding the use of third-party software.

Lilach Bartal
G2MTeam