Anzeige
Mehr »
Login
Mittwoch, 02.04.2025 Börsentäglich über 12.000 News von 695 internationalen Medien
Kurs-Explosion voraus?: Diese kaum bekannte Aktie bohrt jetzt im Hotspot - und du erfährst es als Erster!
Anzeige

Indizes

Kurs

%
News
24 h / 7 T
Aufrufe
7 Tage

Aktien

Kurs

%
News
24 h / 7 T
Aufrufe
7 Tage

Xetra-Orderbuch

Fonds

Kurs

%

Devisen

Kurs

%

Rohstoffe

Kurs

%

Themen

Kurs

%

Erweiterte Suche
ACCESS Newswire
177 Leser
Artikel bewerten:
(1)

FossID Workbench 24.3 to Bring Enhanced AppSec Management Capabilities

Finanznachrichten News

STOCKHOLM, SWEDEN / ACCESSWIRE / November 13, 2024 / FossID, a leading provider of open source software risk management technology and services, announced today the highlights to come in version 24.3 of its Software Composition Analysis (SCA) tool, FossID Workbench.

In response to evolving Application Security (AppSec) challenges related to increasingly complex software supply chains, FossID has focused its next major release on improving the toolset's ability to surface and communicate actionable security vulnerability and exploitability information.

Highlighted in the upcoming release are:

  • VEX (Vulnerability Exploitability eXchange) integration to provide an enhanced security-centric user experience in the Workbench UI, better complementing the license-centric experience. VEX information helps software development teams go beyond identifying the presence of vulnerable components to understand and communicate their potential exploitability and mitigate risks more effectively.

  • SBOM (Software Bill of Materials) + VEX support to import, merge and export VEX data within CycloneDX and SPDX SBOM file formats ensuring compliance with existing and emerging regulatory requirements.

  • A security-centric user experience for faster, more intuitive access to security risk-related information.

"When it comes to Software Supply Chain security, both private industry and government regulatory requirements have standardized the use of VEX within an SBOM as a common, consistent means of communicating AppSec risk," said Stuart Dross, CEO. "This latest release provides our clients with the infrastructure they need to comprehensively identify, document and communicate application security risk across their supply chain ecosystems."

Further expanding on FossID's current software supply chain security capabilities, 24.3 also includes enhancements to existing capabilities such as:

  • Continuous CVE monitoring provides both automated in-app and email notifications when a new CVE is published for components known to be in your software project.

  • Vulnerable snippet identification highlights precise lines of vulnerable code within your internal "forks" of open-source projects, so that your team can remediate more efficiently and improve your security posture.

  • Security Knowledge Base is updated weekly so that you can keep up with ever-changing security vulnerability information.

FossID Workbench 24.3 is expected to be generally available in December 2024 with a product release announcement providing a full list of features and updates.

About FossID

FossID provides software risk management solutions that enable enterprises to leverage open source, third-party, and AI-generated code with confidence. Powered by FossID Workbench, a Software Composition Analysis (SCA) toolset, FossID also provides open source audit, technical due diligence, and code review services to help clients manage legal, security, and operational software supply chain risk.

Learn more: https://www.fossid.com
Follow us: Blog | LinkedIn | X | GitHub

Media Contact
Aaron Branson
FossID Media Relations
media@fossid.com

SOURCE: FossID

.

View the original press release on newswire.com.

© 2024 ACCESS Newswire
Werbehinweise: Die Billigung des Basisprospekts durch die BaFin ist nicht als ihre Befürwortung der angebotenen Wertpapiere zu verstehen. Wir empfehlen Interessenten und potenziellen Anlegern den Basisprospekt und die Endgültigen Bedingungen zu lesen, bevor sie eine Anlageentscheidung treffen, um sich möglichst umfassend zu informieren, insbesondere über die potenziellen Risiken und Chancen des Wertpapiers. Sie sind im Begriff, ein Produkt zu erwerben, das nicht einfach ist und schwer zu verstehen sein kann.