SANTA FE, N.M. - July 21, 2022 - PRLog -- DeployHub, visionaries in microservice governance, today announced they have won a $75k grant to improve access to and auditing of software bill of materials (SBOM) reports, a key tool in hardening cybersecurity. DeployHub will apply the grant funding to the Ortelius.io open-source project, incubating at the Continuous Delivery Foundation. The XRPL Grant program sponsored by Ripple provides funding to support software development projects that leverage the open-source XRP Ledger (XRPL).
Ortelius is an open-source governance catalog that tracks software components and their dependencies. The XRP Ledger will be used to create an immutable SBOM audit trail that allows organizations to easily consume and act upon SBOM data, CVEs, and other usage information.
"SBOMs are key to understanding the software supply chain; however, they are not well managed, can be easily manipulated, and have no clear audit trail," explains Steve Taylor, CTO, DeployHub, Inc. "The transactions captured by the XRP Ledger will include the creation of the component version NFT, the creation of the application-level SBOM version, and the consumption of a logical application SBOM version."
"We are honored to have been awarded the prestigious XRPL Grant which will allow us to address the gaps in SBOM management and audit. Providing a central store of this critical information will allow all open-source projects to be more secure," stated Tracy Ragan, CEO, DeployHub.
For more information, read the full blog at https://www.deployhub.com/sbom-audit-trail-for-hardening-cybersecurity/
About DeployHub
DeployHub's mission is to empower organizations to achieve business agility through a managed approach to the microservice supply chain using a unified catalog of services and their usage. Unique to the DeployHub offering is its ability to version services along with their consuming applications, providing visibility into microservice usage and service impact. DeployHub provides a clear view of your microservices supply chain and how it changes over time.
About Ortelius
Ortelius is a unified microservice catalog designed to track and version your microservice software supply chain along with all of its consuming 'logical' applications. With Ortelius, you can easily view your 'logical' application's SBOM, CVEs, service dependencies, and inventory based on versions. The latest version of Ortelius is maintained by the Ortelius Community managed by the Continuous Delivery Foundation (Linux Foundation). It was originally created by DeployHub and OpenMake Software. Our mission is to simplify the adoption of modern architecture through a world-class microservice catalog driven by a supportive and diverse global open source community.
Contact
Tracy Ragan, DeployHub
***@deployhub.com
DeployHub Awarded $75K XRPL Grant to Harden Cybersecurity
July 21, 2022 at 17:20 PM EDT