ActiveState Delivers Trust For The Open Source Supply Chain
The ActiveState Platform Secure Build Service Supports SLSA Levels 1-4 to Mitigate Software Supply Chain Risk
VANCOUVER, BC, June 23, 2022 /PRNewswire/ -- Today, ActiveState announced the availability of their secure build service, a major component of the ActiveState Platform, which implements the greatest number of Supply Chain Levels for Software Artifacts (SLSA) Level 4 controls of any publicly available build platform. As defined by slsa.dev, SLSA is "a security framework, a check-list of standards and controls to prevent tampering, improve integrity, and secure packages and infrastructure in your projects, businesses or enterprises. It's how you get from safe enough to being as resilient as possible, at any link in the chain."
Click to tweet: The ActiveState Platform secure build service provides controls to meet SLSA Level 4 standards which decreases the cost and risk of working with open source dependencies. #secureyoursoftwaresupplychain https://ctt.ac/fXicO+
ActiveState's Supply Chain Security survey showed that too many organizatios (regardless of size) continue to implicitly trust open source language repositories, despite the fact that they provide no guarantee of security or integrity for the millions of third-party software assets they provide to software developers.
The ActiveState Platform secure build service implements the controls to generate SLSA level 4 artifacts for open source components that:
ActiveState pairs these controls with its unique open source management capabilities to deliver comprehensive software supply chain security that includes:
This means that DevOps now has a trusted vendor for open source supply chain management as an alternative to setting up their own supply chains, which are time-consuming and inherently insecure.
The ActiveState Platform secure build service supports SLSA Level 4 standards to enable DevOps to dramatically reduce the risk and cost of securing their software supply chain while ensuring the security and integrity of the products and services they create.
Loreli Cadapan, Vice President, Product Management, ActiveState, said: "The effort of building and verifying the security and integrity of every open source dependency used by DevOps teams worldwide can be expensive, requiring significant engineering time and resources. The ActiveState Platform secure build service enables DevOps to consume trusted artifacts at a fraction of the cost by implementing controls to meet SLSA Level 4 standards."
Try the ActiveState Platform secure build service by signing up for a free ActiveState account.
For More Information:
ActiveState has a 20+ year history of providing secure, scalable open source language solutions to more than 2 million developers and 97% of Fortune 1,000 enterprises. Enterprises choose ActiveState to support mission-critical systems and speed up software development while enhancing the security and integrity of their open source supply chain. Visit www.activestate.com for more information.
View original content to download multimedia:https://www.prnewswire.com/news-releases/activestate-delivers-trust-for-the-open-source-supply-chain-301572761.html