-

New Trustcenter for Teams Makes Software Bill of Materials Operational

New licensing for teams, improves security by adding vulnerability information, providing exploitability scores

HOUSTON--(BUSINESS WIRE)--Codenotary, leaders in software supply chain protection, today announced the latest release of Trustcenter for Teams – adding vulnerability information to the Software Bill of Materials (SBOM) and now reporting an exploitability score to improve software security.

Codenotary also introduced Trustcenter for Teams packaging option targeted at small groups of users starting at $49 per month.

Trustcenter now adds support for the VEX (Vulnerability Exploitability eXchange) format which is used to enhance information contained in the SBOM by communicating the current status of vulnerabilities discovered in software components, such as:

  • Current status on mitigation for the vulnerability;
  • Recommended workaround;
  • Availability of a patch or new version.

“This takes the SBOM beyond simply being a list of ingredients,” said Dennis Zimmer, co-founder and chief technology officer, Codenotary. “Now, there is actionable information attached, which makes the SBOM operational and not just a static list.”

Further, Trustcenter provides exploitability scores based on the EPSS (Exploit Prediction Scoring System) model providing guidance based on a standard that assesses the probability that a software vulnerability could be exploited. There are EPSS scores for all published common vulnerabilities and exposures (CVE).

“Exploitability scores are very useful for determining and assessing overall threats,” said Zimmer. “When combined with VEX information, it really provides a clear picture of vulnerabilities – their status and severity. We expect more and more vendors to produce VEX information for their software to share with their customers via Trustcenter.”

With the new release, Trustcenter provides full functionality to generate a SBOM, detect vulnerabilities, add VEX information, and report the exploitability score. Trustcenter enables enterprises to comply with the U.S. Executive Order on Improving the Nation’s Cybersecurity, which includes maintaining a Software Bill of Materials (SBOM), as well as the SLSA security framework to ensure trust in the software supply chain.

“Our customers face a huge challenge with regard to the software supply chain,” said Mirco Leimgruber, co-founder and chief technology officer, Essentx AG, a cloud security service provider. “For them, one essential challenge is the usage of SBOMs to get detailed insights about the software they are using and its components. To enable our customers to calculate potential risks and make decisions about how to mitigate them, SBOMs are a key factor to understand the software.”

Codenotary offers a free trial for Trustcenter at https://codenotary.com/tc-trial

About Codenotary

With hundreds of customers that includes top three banks in the U.S. and Europe, Codenotary brings easy to use trust and integrity into the software lifecycle by providing end-to-end cryptographically verifiable tracking and provenance for all artifacts, actions, and dependencies. Trustcenter can be set up in minutes and can be fully integrated with modern CI/CD platforms. It is the only immutable and client-verifiable solution available that is capable of processing millions of transactions a second. With the Codenotary tamper-proof bill of materials, users can instantly identify untrusted components in their software builds. For more information, go to https://www.codenotary.com.

Contacts

Joe Eckert for Codenotary
Eckert Communications
jeckert@eckertcomms.com

Codenotary


Release Summary
Trustcenter now adds support for the Vulnerability Exploitability eXchange (VEX) format.
Release Versions

Contacts

Joe Eckert for Codenotary
Eckert Communications
jeckert@eckertcomms.com

Social Media Profiles
More News From Codenotary

Codenotary Joins Anthropic Verified Access Program to Advance Autonomous AI Security Research

HOUSTON--(BUSINESS WIRE)--Codenotary, leaders in assuring safe and secure use of AI, today announced it has joined Anthropic’s Cyber Verification Program, a security research initiative that enables qualified organizations to conduct advanced defensive AI cybersecurity research under Anthropic’s responsible-use framework.As enterprise adoption of AI agents accelerates, organizations are moving beyond isolated chatbots to deploy thousands of autonomous systems with persistent memory, delegated au...

Codenotary Launches AgentMon 3 with Adaptive Runtime Security Policies; Expands Availability on AWS Marketplace

HOUSTON--(BUSINESS WIRE)--Codenotary, leaders in assuring safe and secure use of AI, today announced AgentMon 3, the latest generation of its enterprise AI security platform, introducing adaptive runtime security policies. These continuously evolve as AI agents operate across an organization by learning from customer-specific workflows, observed behavioral patterns, and newly emerging threats. The company also announced that AgentMon is now available through AWS Marketplace, making enterprise d...

Codenotary Surpasses 3 Million AI Agent Interactions Monitored Per Day, Revealing New AI Runtime Risks

HOUSTON--(BUSINESS WIRE)--Codenotary, leaders in assuring safe and secure use of AI use, today announced that its AgentMon AI runtime observability platform is now monitoring more than 3 million AI-agent interactions per day across enterprise customer environments, underscoring the rapid operationalization of agentic AI systems. The milestone also revealed that approximately 7% of all monitored AI-agent interactions triggered security, compliance, or operational anomaly detections, representing...
Back to Newsroom