TrustSource Supply Chain Security Platform
TrustSource has been designed to support the collection of all information relevant to managing compliance and security along the complete life cycle and supply chain:
- Assess your software,
- Assess components and their composition along the Software Supply Chain,
- Manage SAST results,
- Automatically adjust your Risk Management accordingly,
- Define releases and follow their composition along the life cycle,
- Auto-generate compliance documents and CSAF reports,
- Receive Vulnerability Alerts
All in one integrated platform!
Want to learn more about Risk Management in the context of CRA?
Real Time Status Overview
TrustSource gives CTOs and management a real-time view of the current status. Whether it’s vulnerabilities, risk, or compliance. With three clicks, you will be able to identify the responsible library causing trouble in your portfolio.
The extensive reporting capabilities allow you to identify infected libraries or components and their usage across the portfolio, allowing to inform others about and resolve issues with a few clicks.
Want to get control over your Software Portfolio?
Get in touch!
TrustSource is available in two flavours
As a Software as a Service
We manage the complete platform for you. Everything is highly available, backup organised and hosted in Germany following data protection best practises. To learn more, see our Shared Security Responsibility Model.
Self-managed – it’s open sourced
TrustSource consists of a collection of more than over 50 services, several queues and databases. This allows us excellent scalability and high availability, but makes it difficult to operate. Thus, we provide a subset of our core functionality as a monolithic implementation that operates via Docker Compose. If you have a small team or want to use it privately, this may be of interest to you.