Codenotary

Only use components for your apps that you know and trust

Enterprise-grade SBOM management with attestations and tracking of
software vendor risk

 


Trusted by

  • Ruag
  • Motorola
  • DzBank
  • TasNetworks
  • US Department of State
  • American School of surgeons
  • ifolor
  • Migros
  • DocuSign
  • Safran
  • OeKB
  • Lord Abbett
  • Stock Yards
  • Porsche
  • Centrale Nantes
  • Siemens
  • FL County Court
  • BA2

Trustcenter v4.6

SBOM management incl. vulnerability scanning, VEX, Vendor risk, Attestation

  • Create, manage and curate 1st and 3rd party SBOMs
  • Vulnerability scanning inside your SBOMs
  • Provenance and attestation tracker
  • ML-based VEX generation and action items

SBOM.sh v2.3

Free SBOM creation and sharing for open source developers

  • Easy sharing of SBOMs
  • Insight into Your Software's Ingredients
  • Built-in vulnerability scanning
  • SBOM quality check

Guardian™ v1.4

Complete and continuous visibility into your DevOps security exposures

  • Monitor the security exposure of your DevOps environment
  • Real-time risk monitoring of internal and external code
  • Component risk monitoring (SBOM + VEX)
  • Subscribe to risk exposure alerts

Apr 17, 2024 4:15:04 AM

Codenotary to Support Updated SBOM Standards: CycloneDX 1.6 and SPDX 3.0


Apr 1, 2024 9:15:07 AM

XZ Vulnerability: Understanding Complex Supply Chain Attacks


Apr 1, 2024 6:25:30 AM

Binary Security with SBOMs: Using BLint for Effortless Generation


Mar 31, 2024 3:47:10 AM

Backdoor in upstream xz/liblzma leading to ssh server compromise


Mar 19, 2024 8:59:26 AM

Strengthening Cybersecurity in Europe: The Impact of SBOMs and Attestation under the Cyber Resilience Act

Total DevOps protection.

Scalable software supply chain protection with end-to-end artifact tracking and world-class SBOM and VEX management.


Total software compliance.

No matter if software is developed or consumed, meet compliance standards like:

  • SBOM, CycloneDX and SPDX
  • SBOM Management, Tracking and Sharing
  • Provenance and Attestation
  • Compliance for NIST SSDF, FedRAMP, and PCI-DSS 4.0
  • Software Risk scoring