Jetstack Announces Industry-First Software Supply Chain Security Toolkit

[May 17, 2022]

Jetstack, a Venafi business and leader in cloud native, open source and strategic consulting services, today announced the availability of an easy-to-use, interactive and comprehensive toolkit for securing modern software supply chains. The visual, web-based resource is available to everyone and is designed to help organizations assess and plan the key steps they need to take to achieve effective software supply chain security. Software supply chain security has become an increasingly critical issue for all organizations. Following the attack against SolarWinds at the end of 2020 that affected around 1800 organizations, software supply chain attacks increased over 300 percent in 2021.

Jetstack Software Supply Chain Security Toolkit (Graphic: Business Wire)

“Most businesses now realize the urgency and value of strengthening the security of the software they consume and deliver,” said Matthew Bates, chief technology officer for Jetstack. “The difficulty is that it's extremely difficult to identify and prioritize the changes that need to be made while also managing the competing priorities of their development and security communities. It's incredibly challenging to figure out how to continually improve development velocity and reduce time to deployment while, at the same time, improving control, visibility and security. Our toolkit helps development and security teams quickly figure out where to start by pinpointing the challenges and impact linked to specific security controls.”

The Software Supply Chain toolkit consolidates guidance and recommendations from a number of frameworks and whitepapers that each provide extensive guidance for software supply chain security, including:

The interactive toolkit presents the guidance from these frameworks broken down into 4 key areas: build pipelines, source code, provenance and deployment. Recommendations in each section include insights on priority and complexity, along with links to the original open source toolsets that can help with that specific recommendation.

“Software supply chain attacks target a whole range of vulnerabilities at various points in the software life cycle,” said Steve Judd, senior solutions architect for Jetstack and the developer of the toolkit. “Solving these challenges requires going through a full range of controls that go well beyond a software bill of materials (SBOMs), which is just one of the 54 recommendations. The Software Supply Chain toolkit is a new form of collaboration with the open source community designed to help the industry develop proactive and preventative solutions that are purpose built for current and emerging development practices.”

Visit software-supply-chain/ to view the toolkit.

About Jetstack

Jetstack, a Venafi business, is a cloud native products and strategic consulting company working with enterprises using Kubernetes and OpenShift. Venafi is the cybersecurity market leader and innovator in machine identity management.

An open source pioneer, Jetstack has achieved notable industry recognition as the creator of cert-manager, which is the open source industry standard for cloud native machine identity management. Jetstack's open source products and services protect the application environments and platform infrastructure of global banks, multinational retailers and defense organizations.

Venafi and Jetstack are pioneers of enterprise machine identity protection, and Jetstack gives enterprise platform and security teams the power to build, scale and secure their cloud native infrastructure for advanced developer automation, workload protection and application innovation.
