Skip to content
All posts

Immutability Specialist Codenotary Now Offers Trusted Software Supply Chain Assurance in a Fast, Easy, Inexpensive Cloud

Codenotary Cloud reduces cost to identify vulnerabilities in software by 80%

HOUSTON, February 1, 2021 — Codenotary, the immutability specialist that can instantly identify untrusted components in software, today announced Codenotary Cloud, a fast, easy, inexpensive way to determine where a vulnerability, such as Log4j, exists. Codenotary Cloud reduces the cost to almost instantly identify and remove unwanted artifacts by up to 80% and delivers compliance with the U.S. Executive Order on Improving the Nation’s Cybersecurity.

“A vulnerability scan tells you a malware is present, but then the problem is you need to find all the places it exists and that can often take weeks or months,” said Moshe Bar, co-founder and CEO, Codenotary. “With Codenotary Cloud, it’s possible to do that in seconds – with the ability to create, track, and query your software including the Software Bill of Materials (SBOM).”

Codenotary Cloud provides an end-to-end trusted software supply chain with integrity and authenticity. It can be scaled to millions of integrity verifications per second and gives developers a way to attach a tamper-proof SBOM for development artifacts that include source code, builds, repositories, and more, plus Docker container images for their software and Kubernetes deployments. The SBOM can make those instantly visible to customers, auditors and compliance professionals. It is built without uploading any data to the service, instead notarizing these artifacts using tamper-proof cryptographic verification to uniquely identify development artifacts. Each artifact retains a cryptographically strong identity stored in Codenotary’s immutable database, immudb.

With Codenotary Cloud it’s possible to maintain trust status at the level of each individual artifact at scale. Codenotary Cloud provides tools for notarization and verification of the software development lifecycle attesting to the provenance and safety of the code.

Codenotary Cloud can be fully integrated with most vulnerability scanners and popular cloud-native continuous integration/continuous delivery (CI/CD) systems. The DevOps attestation service runs on any cloud or host as a managed service or customers can host themselves. Pricing starts at $5,500 for a workgroup of 10 developers.

To learn more, see a demo and start a trial to create tamper-proof SBOMs for your software in minutes, go here.

About CodenotaryCodenotary brings easy to use trust and integrity into the software lifecycle by providing end-to-end cryptographically verifiable tracking and provenance for all artifacts, actions, and dependencies. Codenotary can be set up in minutes and can be fully integrated with modern CI/CD platforms. It is the only immutable and client-verifiable solution available that is capable of processing millions of transactions a second. With the Codenotary tamper-proof bill of materials, users can instantly identify untrusted components in their software builds. For more information, go to