CodeSecure and FOSSA Partner to Deliver a Unified Platform that Eliminates Security Blindspots Across the Software Development Lifecycle


CodeSecure, a leading global provider of application security testing (AST) solutions, and FOSSA, the complete software supply chain platform, are partnering to provide native product integration that enables organizations to eliminate security blindspots associated with both third-party and open source code.

According to the vendors, the partnership integrates CodeSecure’s CodeSentry Binary Composition Analysis (BCA) capabilities into FOSSA’s advanced software supply chain analysis and SBOM management platform.

This single integrated solution provides continuous visibility for proactively detecting and mitigating software security vulnerabilities and compliance violations at every stage of the software development lifecycle (SDLC).

The CodeSentry-FOSSA integration allows app developers and DevSecOps teams to generate comprehensive SBOMs that account for both the open source components and the binaries contained in their software builds, providing transparency into vulnerabilities, dependencies, and compliance violations.

By identifying vulnerabilities during the development phase—when they are easier and more cost-effective to remediate—this integrated platform reduces risk and accelerates secure software delivery, the companies said.

“Modern software applications are constantly growing in complexity and composed of components that developers might not fully control or even see,” said Mike Dager, CEO of CodeSecure. “Our partnership with FOSSA creates a single, cohesive platform that ensures comprehensive visibility into both open source and binary code, allowing teams to confidently manage their software supply chains from development through deployment.”

The FOSSA platform, pre-integrated with CodeSecure CodeSentry, addresses the following DevSecOps needs:

  • Comprehensive SBOM Generation: Consolidates insights from both source and binary code analysis to produce accurate, complete software inventories.
  • Early Vulnerability Detection and Remediation: Identifies and helps mitigate vulnerabilities early in the development lifecycle, reducing complexity and cost.
  • Unified Security and Compliance Management: Provides a single source for maintaining software licensing compliance and securing third-party dependencies.

“Customers expect seamless security insights across the entire software supply chain, including first-party code, open source components, and binaries,” said Kevin Wang, CEO of FOSSA. “Integrating CodeSecure’s market-leading binary analysis capabilities into the FOSSA platform allows our customers to comprehensively inventory and secure their software—eliminating critical blindspots and enhancing their security posture.”

The FOSSA platform, pre-integrated with CodeSecure’s BCA, is available immediately.

For more information about this news, visit www.codesecure.com or www.fossa.com.

