Introduction Most modern communications over computer networks are reliant on TLS to keep them safe and secure from unauthorized third parties. It is vital to keep track of the expiration dates of the TLS certificates in use. A commonly used software in professional environments for event monitoring and alerting, for example in case your TLS …
Monitoring certificate expiration with Prometheus Read More »
Codenotary released TrueSBOM for Serverless Apps which is an easy to integrate solution to create SBOM and track dependencies for your serverless functions running on AWS Lambda, Google Cloud Functions and Microsoft Azure. SBOM – what is it? Why do you need SBOM (short for software bill of materials) in first place? There is prevalence …
“Most if not all of the hacker attacks on well-known companies in recent years didn’t come about because of weak perimeter defense. Indeed, perimeter defense has proven to be remarkably good. But nowadays, most attacks happen because of big gaps in the security of the development supply chain. In other words, vulnerabilities and malware enter …
Your Application Development Organization Inadvertently Leaves Door Open for Hackers Read More »
As a concept, the Software Bill of Materials (SBOM) isn’t particularly complex: it’s a manifest that identifies the components that make up a particular software artifact. When we start looking at the practical implementation of SBOMs, however, a lot of complexity is suddenly introduced into the equation. You might be wondering what actually goes into …
Codenotary announces the release of a new product: Auditable Change Management (ACM). ACM is part of Opvizor. Do you observe that your company pays for licensed software much more than it could? Now with ACM you are able to cryptographically prove that you never exceeded the agreed amount of resources and software instances. Track changes on ESXi …
Learn how to reuse code in continuous integration pipelines with our digital assets attestation tool If you need to use the same piece of code in many different pipelines, a Jenkins shared library is a good approach. After importing it, you will have access to its methods, which is a convenient way of avoiding repetition …
A Jenkins shared library to execute commands with vcn, our CLI tool Read More »
Simple uptime monitoring for Internet-of-Things (IoT) is well-known and requires knowing if the devices are up and running. Having additional long-term performance data, secure (tamper-proof) logging at your Edge devices is only a tiny step when using Metrics & Logs. With our support for device, infrastructure, and application metrics as well as Syslog data, you …
Metrics & Logs support for IoT – Bringing Secure Monitoring and Logging to the Edge Read More »
Recently, we at Codenotary released a new version of a GitHub Action that can be used to download our enterprise CLI tool vcn and execute commands with it. Available on GitHub’s marketplace, it can be implemented by our customers in GitHub Action continuous integration pipelines to notarize and authenticate digital assets as part of an …
A GitHub Action to download and use our enterprise tool vcn in CI Read More »
Last weekend was all about releasing fixes for a major (critical) Confluence server vulnerability, tracked by CVE-2022-26134, that allows an unauthenticated attacker to execute arbitrary code (remote code execution, RCE). You should be very aware of that vulnerability as Confluence servers are a very attractive target for initial access to a corporate network. Therefore, systems …
Serious security vulnerabilities in Atlassian Confluence affect many organizations Read More »
Trust is a journey and not a state that lasts forever. Many customers we speak with store artifacts and container images in their private registry to keep them secure. The truth is that it is not only about vulnerabilities, but many other attributes, like licenses, existing contracts, or new versions. Therefore, the trust level can …
Our software prevents and mitigates damage from harmful components in your DevOps environment.
Please let us know where we can send the whitepaper on Codenotary Trusted Software Supply Chain.
Please enter contact information to receive an email with the free trial details.
