Codenotary Introduces First Continuous Background Vulnerability Scanning

HOUSTON--(BUSINESS WIRE)--Codenotary, leaders in software supply chain security, today announced that the company’s flagship product, Trustcenter, now offers the first integrated solution to support an always up-to-date background scanning for any artifact, build, or software stack.

Until now, the safety of organizations’ codebases was only protected during each scan, still leaving them in a somewhat vulnerable position. Trustcenter scans continuously in the background based on the latest, up-to-the-minute threat intelligence from multiple sources. Once a vulnerability is detected, Codenotary will immediately flag the offending component and provide an alert with different options available for remediation.

“We understand the complexities many companies face when running vulnerability scans and we know that because of this in many cases organizations forgo regular scanning, leaving them vulnerable,” said Dennis Zimmer, co-founder and chief technology officer, Codenotary. “But we all know better and the potential risks and costs are high without continuous scanning. Codenotary now makes scanning simple to run by automating the process and then makes that information actionable.”

Trustcenter provides an end-to-end trusted software supply chain with integrity and authenticity. It can be scaled to millions of integrity verifications per second and gives developers a way to attach a tamper-proof Software Bill of Materials (SBOM) for development artifacts that include source code, builds, repositories, and more, plus Docker container images for their software and Kubernetes deployments. The SBOM can make those instantly visible to customers, auditors and compliance professionals. It is built without uploading any data to the service, and notarizes software artifacts using tamper-proof cryptographic verification to uniquely identify those. Each artifact retains a cryptographically strong identity stored inside immudb the open source immutable database developed by Codenotary.

With Trustcenter it’s possible to maintain trust status at the level of each individual artifact at scale. Codenotary provides tools for notarization and verification of the software development lifecycle attesting to the provenance and safety of the code.

For more information, go to Codenotary Trustcenter.

About Codenotary

With hundreds of customers that include top three banks in the U.S. and Europe, Codenotary brings easy to use trust and integrity into the software lifecycle by providing end-to-end cryptographically verifiable tracking and provenance for all artifacts, actions, and dependencies. Codenotary can be set up in minutes and can be fully integrated with modern CI/CD platforms. It is the only immutable and client-verifiable solution available that is capable of processing millions of transactions a second. With the Codenotary tamper-proof bill of materials, users can instantly identify untrusted components in their software builds. For more information, go to https://www.codenotary.com.