Lineaje, an operator of continuous software supply chain security management, has unveiled a new product, the Open-Source Manager (OSM). This innovative tool introduces transparency to open-source software components in applications and preemptively manages and mitigates potential risks, bolstering the security posture of extensive software development organisations.
Data shows that open-source software is tagged with ten times more risk than code created by internal developers, accounting for 95% of all application risks. Lineaje’s new product, the OSM, brings to the fore the veiled depths of open-source dependencies, with the ability to delve into 20+ levels and pinpoint every package down to the very last level. It offers a risk analysis for each participating component, highlighting more vulnerabilities than any other tool currently on the market, and is unique in its capacity to detect potential tampering and assess each component’s integrity.
Javed Hasan, CEO and Co-Founder of Lineaje, explained how their latest product will address the increasing need for transparent software supply chains as more organisations embrace open-source code. “Open-source developers are usually excellent innovators but less proficient in maintaining software,” he said. “OSM is akin to an automated open-source office in a box; it extends an organisation’s AppSec posture to open-source dependencies and can distinguish between well-maintained and neglected open-source components, thus allowing for proactive mitigation of embedded open-source risks.”
The OSM is more than a simple tool for discovery; it offers a unique “plan & fix” module. It uses AI powered by BOMbots to quickly devise plans for open-source patching, letting developers apply both compatible and incompatible patches in batches. This speeds up the protection process and can cut software maintenance efforts by up to 40%.
Reflecting on the current digital landscape, where developers are increasingly utilising open-source code, Melinda Marks, Practice Director of Cybersecurity, Enterprise Strategy Group, emphasised the significance of Lineaje’s Open-Source Manager (OSM). She noted that the OSM will bolster organisations’ ability to confidently and safely leverage open source by identifying possible risks, remediating vulnerabilities, and ensuring compliance with governance regulations.
In the new era of software development, where open-source components are ubiquitous, the management of these elements is vital. Lineaje’s Open-Source Manager enables the discovery, planning, and remediation of issues. Ashok Banerjee, SVP of Product Engineering at Trellix, states that supply chain security is an indispensable tool for the modern software factory.
Persistent, which collaborates with Lineaje to provide diverse industries with extensive open-source maintenance services, has incorporated Lineaje’s OSM for proactive risk detection and automated mitigation. Nitish Shrivastava, Senior Vice President and Head of Products at Persistent, praised the enhancement of their capabilities. He shared that the OSM has quickly become an integral part of their open-source service, increasing operational efficiency while promptly ensuring compliance with governance standards.
About Author
