Lineaje’s Open-Source Manager helps organizations secure entire software supply chain

Lineaje, a continuous software supply chain security management company, has announced Open-Source Manager (OSM). The solution brings transparency to the open-source software components in applications and proactively manages and mitigates the risks associated with them. Lineaje’s OSM enables full-lifecycle governance of open-source software with trust, speed, and reliability, helping complex software development organizations build a stronger overall security posture.

“As organizations continue to embrace open-source to drive high innovation and to accelerate development cycles, our software supply chain is effectively open-sourced. Open-source developers are typically great innovators but not-so-great maintainers of software,” said Javed Hasan, CEO & Co-Founder, Lineaje. “OSM is an automated open-source office in a box, extending an organization’s AppSec posture to open-source dependencies. It not only separates well-maintained and unmaintained open-source components but enables proactive mitigation of embedded open-source risks.”

OSM goes beyond discovery by introducing a “plan & fix” module. Not all patches or vulnerability fixes are equally compatible, and not all are applied at the same dependency depth. Lineaje AI, using BOMbots, generates open-source patching plans in minutes so that developers can apply the compatible patches as one batch and the incompatible patches as another. This reduces mean time to protect (MTTP) and saves up to 40% in software maintenance effort. Unmaintained components with unfixed vulnerabilities and policy violations can be routed to in-house or outsourced teams chartered to maintain risky open-source dependencies.

The OSM solution enables companies to:

  • Simplify Discovery & Search Comprehensively: Find and search all open-source dependencies, from direct dependencies down to the deepest transitive level, and discover the impact of vulnerabilities and risks.
  • Analyze Inherent Risk: Automatically examine each component and application for risks: vulnerabilities, licenses, code quality, security posture, maintainability, age, supplier, provenance and more.
  • Monitor Tamperability & Integrity Levels: Sophisticated fingerprinting identifies components with suspicious or unknown origins.
  • Establish Governance: Use consistent criteria for selecting, upgrading and fixing open-source components, and create rules for each. Auto-detect components that violate policy using Lineaje’s Findings engine.
  • Optimize Planning and Fix: Lineaje AI, using BOMbots, builds SMART “what if” plans in minutes. These SMART plans reduce maintenance effort by up to 40%.
  • Fix Unmaintained Open-Source: 95% of all vulnerabilities come from open-source; 56% of them are left unresolved. Unmaintained open-source components identified by OSM are routed to in-house or outsourced development teams with detailed remediation instructions.
  • Integrated Search: Search all dependencies in seconds for vulnerabilities, licenses, provenance, supplier details and more across all supply chain trees, improving operational efficiency.