January 19 10:58
The teams of the software production platform “Sfera” (vendor NOTA, part of the T1 IT holding) and the secure software development platform “CodeScoring” announced a strategic partnership that is aimed at increasing the transparency and security of software supply chains (software).
As part of the collaboration, a plugin was developed for the Sphere.Distributions and Licenses product, which provides direct integration with the CodeScoring.OSA module. The solution will allow organizations to build a secure process for checking third-party components for compliance with internal security policies and eliminate vulnerabilities in the early stages of development.
“Many large companies in Russia underestimate the problem of security in software supply chains, trying to save on checking third-party components and dependencies. At the same time, it is in them that vulnerabilities are often discovered, which are then included in the product along with updates and libraries. Attacks on popular freeware open-source solutions, often integrated into developer projects, are becoming one of the most common scenarios in this area,” noted Product Manager “Sfera.Distributions and Licenses” Maxim Golovkin.
“Our cooperation with Sphere strengthens the capabilities of both platforms. Today, more and more companies are building security processes on domestic software, and it is compatibility and open solutions that become the basis of successful projects. The main goal is to help users effectively identify and eliminate vulnerabilities, as well as build a reliable infrastructure based on Russian technological components,” commented the CEO “CodeScoring” Alexey Smirnov.
Related links:
- Security and AI are the main drivers of Russian development in the coming years
- IT holding T1: whether to trust AI is the billion dollar question
