Codenotary Introduces Continuous Background Vulnerability Scanning
July 13, 2022

Codenotary announced that the company’s flagship product, Trustcenter, now offers the first integrated solution to support an always up-to-date background scanning for any artifact, build, or software stack.

Trustcenter scans continuously in the background based on the latest, up-to-the-minute threat intelligence from multiple sources. Once a vulnerability is detected, Codenotary will immediately flag the offending component and provide an alert with different options available for remediation.

“We understand the complexities many companies face when running vulnerability scans and we know that because of this in many cases organizations forgo regular scanning, leaving them vulnerable,” said Dennis Zimmer, co-founder and chief technology officer, Codenotary. “But we all know better and the potential risks and costs are high without continuous scanning. Codenotary now makes scanning simple to run by automating the process and then makes that information actionable.”

Trustcenter provides an end-to-end trusted software supply chain with integrity and authenticity. It can be scaled to millions of integrity verifications per second and gives developers a way to attach a tamper-proof Software Bill of Materials (SBOM) for development artifacts that include source code, builds, repositories, and more, plus Docker container images for their software and Kubernetes deployments. The SBOM can make those instantly visible to customers, auditors and compliance professionals. It is built without uploading any data to the service, and notarizes software artifacts using tamper-proof cryptographic verification to uniquely identify those. Each artifact retains a cryptographically strong identity stored inside immudb the open source immutable database developed by Codenotary.

With Trustcenter it’s possible to maintain trust status at the level of each individual artifact at scale. Codenotary provides tools for notarization and verification of the software development lifecycle attesting to the provenance and safety of the code.

Share this

Industry News

September 27, 2022

DevOps Institute will host SKILup Festival in Singapore on November 15, 2022.

September 27, 2022

Delinea announced the latest release of DevOps Secrets Vault, its high-speed vault for DevOps and DevSecOps teams.

September 27, 2022

The Apptainer community announced version 1.1.0 of the popular container system for secure, high-performance computing (HPC). Improvements in the new version provide a smaller attack surface for production deployments while offering features that improve and simplify the user experience.

September 26, 2022

Secure Code Warrior unveiled Coding Labs, a new mechanism that allows developers to more easily move from learning to applying secure coding knowledge, leading to fewer vulnerabilities in code.

September 26, 2022

ActiveState announced the availability of the ActiveState Artifact Repository.

September 26, 2022

Split Software announced the availability of its Feature Data Platform in the Microsoft Azure Marketplace.

September 22, 2022

Katalon announced the launch of the Katalon Platform, a modern and comprehensive software quality management platform that enables teams of any size to easily and efficiently test, launch, and optimize apps, products, and software.

September 22, 2022

StackHawk announced its Deeper API Security Test Coverage release.

September 21, 2022

Platform9 announced the launch of its latest open source project, Arlon.

September 21, 2022

Redpanda Data announced Redpanda Console.

September 21, 2022

mabl announced its availability as a private listing on Google Cloud Marketplace.

September 21, 2022

Zesty announced a $75 million Series B funding round led by B Capital and Series A investor Sapphire Ventures.

September 20, 2022

Opsera, the Continuous Orchestration platform for DevOps, announced a free trial of its no-code Salesforce Release Management platform for fast and secure Salesforce releases.

September 20, 2022

Sysdig announced ToDo and Remediation Guru.

September 20, 2022

AutoRABIT announced CodeScan Shield.