Top Financial Institutions Secure DevOps Using Codenotary Cloud

HOUSTON--(BUSINESS WIRE)--Codenotary, leaders in software supply chain security, today announced that two of the three largest banks in the U.S. and Europe have selected Codenotary Cloud to secure their DevOps deployments and software supply chain. Codenotary Cloud enables customers to comply with the Supply-chain Levels for Software Artifacts (SLSA) framework.

These two banks have more than $70 billion in annual revenue and depend on many software projects that are developed by globally distributed teams using continuous integration/continuous development (CI/CD) both on-premises and in the cloud. Both banks maintain a legacy code base while increasingly evolving towards a cloud-native model. Codenotary Cloud provides them with code signing, provenance tracking, and managing code deployments with traceability from source code to runtime and back, if necessary. There are a total of more than 35,000 developers executing up to 100,000 software builds a day. Codenotary Cloud is able to handle the massive scale of these two banks' DevOps deployments, which requires processing many billions of artifacts every month and reliability measuring 99.99% uptime.

“Even before the recent wave of supply chain attacks, we developed a global DevOps and security strategy for our company-wide digital transformation,” said a managing director at a top U.S. investment bank. “Codenotary Cloud helps us achieve our goal of delivering applications securely that are tamper-proof while keeping provenance from source to production. The ability to search all of our dependencies in real time makes the product invaluable to our risk management and security compliance processes.”

Codenotary Cloud provides the ability to catalog and trust components of the software development lifecycle which help attest to the origin and safety of the code. The company further enhances this core capability by providing an additional tamper-proof layer which processes and stores millions of transactions per second, on-premises or as a cloud service, and with cryptographic verification. It gives developers a way to attach a Software Bill of Materials (SBOM) for development artifacts that include source code, builds, repositories, and more, plus Docker and Kubernetes container images for their software.

“Codenotary Cloud is uniquely capable of bringing trust and integrity to the development organizations of enterprises,” said Moshe Bar, co-founder and CEO of Codenotary. “Our technology empowers customers to secure every aspect of their pipeline from source to deployment and at runtime, too. Codenotary Cloud helps provide observability into what is running, where it is in the stack, what vulnerabilities are lurking beneath, and most importantly who is responsible for that code. All this data is searchable too.”

To learn more and for a free trial of Codenotary Cloud go here.

About Codenotary

With over 130 customers that includes top three banks in the U.S. and Europe, Codenotary brings easy to use trust and integrity into the software lifecycle by providing end-to-end cryptographically verifiable tracking and provenance for all artifacts, actions, and dependencies. Codenotary can be set up in minutes and can be fully integrated with modern CI/CD platforms. It is the only immutable and client-verifiable solution available that is capable of processing millions of transactions a second. With the Codenotary tamper-proof bill of materials, users can instantly identify untrusted components in their software builds. For more information, go to https://www.codenotary.com.