ReversingLabs Launches Spectra Assure Community
June 26, 2024

ReversingLabs introduced Spectra Assure Community, a free community resource that makes it easy for software producers to quickly vet open source software packages by providing a comprehensive risk analysis.

Leveraging RL’s Spectra Assure software supply chain security solution, Spectra Assure Community enables developers, repository managers, and engineering teams, among others, to check more than 5 million code packages from open source repositories for malicious code, code tampering, suspicious behaviors, known vulnerabilities, license compliance issues, exposed secrets, and overall package health.

Spectra Assure Community provides a free risk assessment for open source components from the most popular package repositories such as npm, PyPi, and RubyGems. It provides a comprehensive risk assessment for software packages, offering visibility into threats, security, and compliance issues.

This community resource provides these unique insights of OSS packages with:

- Comprehensive analysis: Using Spectra Assure’s proprietary AI-driven complex binary analysis to analyze each component of a software binary for malicious code, tampering, or other risks or threats.

- Advanced threat detection: RL maintains the most complete and up-to-date corpus of malware in the world, which enables unique visibility and detection of emerging threats within OSS repositories.

- Standardized security assurance: The Spectra Assure Risk Assessment is presented in a normalized format for the selected package, allowing users to make a simple comparison.

Spectra Assure Community increases the build quality and security, saves time, and improves traceability to help any development organization deliver safe and on-time builds.

“We can no longer deny that software represents the largest under-addressed attack surface facing businesses today. The threats hiding among open source, proprietary, commercial and third-party code are leaving software producers and enterprise consumers at increasing risk,” said Tomislav Pericin, co-founder and chief software architect, ReversingLabs. “We are committed to helping developers make software safe for all with easily searchable, real-time threat intelligence data about software packages in open source repositories.”

Share this

Industry News

July 25, 2024

Backslash Security introduced its Fix Simulation and AI-powered Attack Path Remediation capabilities.

July 25, 2024

Check Point® Software Technologies Ltd. announced the appointment of Nadav Zafrir as Check Point Chief Executive Officer.

July 25, 2024

Sonatype announced that Sonatype SBOM Manager, its Enterprise-Class Software Bill of Materials (SBOM) solution, and its artifact repository manager, Nexus Repository, are now available in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).

July 24, 2024

Broadcom unveiled the latest updates to VMware Cloud Foundation (VCF), the company’s flagship private cloud platform.

July 24, 2024

CAST launched CAST SBOM Manager, a new freemium product designed for product owners, release managers, and compliance specialists.

July 24, 2024

Zesty announced the launch of its Insights and Automation Platform.

July 23, 2024

Progress announced the availability of Progress® MarkLogic® FastTrack™, a UI toolkit for building data- and search-driven applications to visually explore complex connected data stored in Progress® MarkLogic® platform.

July 23, 2024

Snowflake will host the Llama 3.1 collection of multilingual open source large language models (LLMs) in Snowflake Cortex AI for enterprises to easily harness and build powerful AI applications at scale.

July 23, 2024

Secure Code Warrior announced the availability of SCW Trust Agent – a solution that assesses the specific security competencies of developers for every code commit.

July 23, 2024

GFT launched AI Impact, a new solution that leverages artificial intelligence to eliminate technical debt, increase developer efficiency and automate critical software development processes.

July 23, 2024

Code Metal announced a $13M seed, led by Shield Capital.

July 22, 2024

Atlassian Corporation has achieved Federal Risk and Authorization Management Program (FedRAMP) “In Process” status and is now listed on the FedRAMP marketplace.

July 18, 2024

Mission Cloud announced the launch of Mission Cloud Engagements - DevOps, a platform designed to transform how businesses manage and execute their AWS DevOps projects.

July 18, 2024

Accelario announces the release of its free TDM solution, including database virtualization and data anonymization.