Are you a Developer?
Tired of odd comments from your compliance office?
Keen to understand what you are linking into your project?
Bored of looking up open source details?
Are you a Compliance Manager?
Searching for a way to automate documentation?
Tired of mapping the same tools over and again?
Want to get more support from your organisation?
Version v2.6.30 mit vielen Neuerungen und Erweiterungen
Vulnerability-Fixes, bzw. "bump hints"
Integration von OpenSSF Scorecards
Neue Reports, bspw. verbessertes Portfolio Overview
Bekannte Schwachstellen
automatisch identifiziert!
Legal obligations
Determine the legal obligations resulting from a particular usage scenario
Audit controls
See what has happened and what has changed along the dev-cycle…
Link binary artifacts
Clearly identify which documentation links to which source commit or binary…
TrustSource capability to integrate with the development cycle providing legal expertise at their purpose helps to raise the awareness for the compliance topic. The tooling allows developers and project managers to prepare a proper assembly without much of support from the compliance office. Traffic light controls indicate the need for action, while overviews, indicators and many other benefits support developers in their daily work. Tools like black/whitelists, policy propagation and incorporated, role-based workflows foster the processing of OpenChain conformant behavior.