2021 has truly been the year where the software supply chain became a natural focus for organizations world wide. With attackers increasingly targeting the popular packages we all are using it is becoming more clear than ever that scanning for vulnerabilities after the fact is not enough - proactive security is a must in today’s insecure world.
The great news: Bytesafe is right here with you, with our platform already aligned and focused on supply chain security - and with amazing interest from our users we are even more excited for what 2022 has to offer.
During 2021 we managed to achieve several big milestones and out of all additions we’re most proud of the features added to the Dependency Firewall. The recently announced support for Java & JVM Ecosystems for users with Maven/Gradle builds is also the start of our journey to extend with more ecosystems to secure your tech stack.
Before the holidays, we would like to thank all of our users for their support, all the great discussions & meetings and give you insights into our roadmap for 2022.
Happy holidays and best wishes from the entire Bytesafe team!
Daniel Parmenvik
CEO
What’s coming to Bytesafe in 2022?
Bytesafe is all about securing your organization and focus will be on adding even more security and improving analysis of your software composition. We think and hope you’ll like what’s coming and as always - we love getting your feedback as input to our planning.
Here are selected highlights from our roadmap:
Support for new ecosystems
We’ll be extending with support for even more ecosystems - .NET, Ruby, Python and OCI images (Docker).
Website scanner to detect dependency drifting
Scan the actual Javascripts used in your production applications (including bundles) to identify sideloading and potential risks.
Git Repository Analysis
Open up your existing git projects and let Bytesafe analyze your applications to identify open source risks.
Reports
Component Inventory, License Compliance and Vulnerability reports are just a few that are planned.
…and in the meantime, use the Dependency firewall to keep bad actors away
For any organizations regularly installing “the latest and greatest” components directly from external sources there are not enough safeguards from malicious versions. Our Dependency Firewall keeps your supply chain secure where controls and business policies are automated.
Delay Upstream Policy
The latest version of a package does not necessarily mean the most secure. The Delay Upstream policy is here to help you stay away from compromised new versions.
Automatic Quarantine
Protects your organization by automatically blocking the use of unwanted packages.
Prevent Dependency Confusion Attacks
A secure by default solution that protects internal packages from being replaced by external versions.
Want to improve your own open source supply chain with Bytesafe?
We are always keen to discuss how Bytesafe can assist your team and organization. Get in touch. Your code is our business! Book a demo or contact me directly if you have any questions.