Codenotary revealed that its flagship product Trustcenter is now the first integrated solution to support always-updated background scanning for any artifact, build, or software stack.
Trustcenter continuously scans in the background using the most recent, up-to-date threat intelligence from multiple sources. Codenotary immediately flags the offending component when a vulnerability is discovered and issues an alert with various remediation options.
Trustcenter offers an end-to-end trusted software supply chain that is both authentic and trustworthy. It can perform millions of integrity checks per second, allowing developers to attach a tamper-resistant Software Bill of Materials (SBOM) to development artifacts such as builds, source code, repositories, and more. It also provides docker container images for their software and Kubernetes deployments. Customers, auditors, and compliance professionals can see those immediately, thanks to the SBOM.
Codenotary offers notarization and verification tools for the software development lifecycle, attesting to the code’s provenance and safety. It is possible to maintain trust status at the level of each individual artifact at scale using Trustcenter.
Trustcenter is created without submitting any data to the service. It can notarize software artifacts by using tamper-proof cryptographic verification to identify them. Each artifact retains a cryptographically strong identity stored within immudb, Codenotary’s open-source immutable database.
Dennis Zimmer, co-founder, and chief technology officer of Codenotary, stated, “We understand the complexities many companies face when running vulnerability scans, and we know that because of this, in many cases, organizations forgo regular scanning, leaving them vulnerable. But we all know better; the potential risks and costs are high without continuous scanning. Codenotary now makes scanning simple to run by automating the process and then makes that information actionable.”