@flexerasoftware embeds #opensource #security scanning into #software build http://bit.ly/2qTOX0R
Embeds Open Source Security Scanning into Software Development Build Process
Developers Go from Zero to Hero with FlexNet Code Aware,
Now Integrated with InstallShield® and InstallAnywhere®
Itasca, Ill. – May 10, 2017 – Flexera, the company that’s reimagining the way software is bought, sold, managed and secured, announced today it’s reimagining software supply chain safety. Flexera’s the first-in-industry to embed open source security into the heart of the software development build process with automatic analysis detection. It will help keep the software supply chain secure by enabling 100,000 developers around the world to sell clean products, free of open source vulnerabilities and license compliance risk.
“For nearly three decades, Flexera’s InstallShield product line has been ubiquitous in every software company’s development process. With our FlexNet Code Aware release, Flexera is extending our customers’ capabilities to do a quick scan for open source vulnerabilities and issues at the time the application is being packaged,” said Jim Ryan, Chief Executive Officer at Flexera. “In providing this capability, we are making it easier for software producers to gain unprecedented insight into what is in their code which they can, in turn, share with their customers. Driving collaboration between software producers and their customers is essential to eliminating the waste, inefficiency and risk that currently exists in what can only be described as a dysfunctional software supply chain.”
FlexNet Code Aware is the leading automated, open source risk assessment and package discovery solution helping software developers quickly scan products for security and Intellectual Property (IP) compliance risks. FlexNet Code Aware is now integrated with Flexera’s InstallShield and InstallAnywhere solutions. InstallShield is the global standard used by 100,000+ developers for creating Windows desktop, server and cloud installers on more than 500 million devices. InstallAnywhere is the leading solution for creating multiplatform installation experiences for physical, virtual and cloud environments.
By embedding FlexNet Code Aware into InstallShield and InstallAnywhere, open source security scanning is now a standard part of the software build process, helping developers discover and assess IP and vulnerability risks before products ship. This powerful, combined solution sets the foundation for a vulnerability-free build, ensuring a smooth, error-free installation.
Eliminating Open Source Risk Early – Really Matters
The use of open source components in software development is skyrocketing. A decade ago, developers were using less than 100 open source libraries per release. Today, some industries are using more than 1,000. In addition – developers are often not aware of the risks contained in the open source code they use.
According to Flexera data, as much as 50 percent of code used in development is open source – code developers didn’t write themselves. And as a whole, developers are only aware of up to four percent of the third-party software that comprises their products. As open source dependency increases, developers need to be good corporate citizens and truly understand the vulnerability risk and compliance requirements they are inheriting from the open source code they use. FlexNet Code Aware – now integrated with InstallShield and InstallAnywhere, identifies the libraries developers are using, and what the associated licensing terms are to ensure compliance.
“Open source security and compliance can’t be a once-a-year process – it simply doesn’t cut it any more given today’s demanding time-to-market pressures. Build/release engineers are the last people to touch products on a daily basis before they are packaged for installation. Up until now they haven’t really been able to do much around open source vulnerability management,” said Jeff Luszcz, Vice President of Product Management at Flexera. “These engineers are the front-line of defense in the development process and should be front-soldiers in ensuring open source security and compliance. With FlexNet Code Aware now embedded in InstallShield and InstallAnywhere, Flexera helps them find vulnerabilities as part of their ongoing, daily builds – without slowing them down. ”
# # #
Contact Flexera, and follow the company on…
About Flexera Software
Flexera Software’s business sits at the nexus between the world’s software producers and buyers – repairing the broken software supply chain, which is the most dysfunctional supply chain in all of business today. That dysfunction manifests as risk and cost – to both the producers of software and the enterprises that buy software – as they solve the complex, time consuming, and expensive problems of ensuring licensing compliance and security from vulnerabilities. Our software licensing, compliance, cybersecurity and installation solutions are essential to ensure continuous licensing compliance, optimized software investments, and to future-proof businesses against the risks and costs of constantly changing technology. A marketplace leader for more than 25 years, 80,000+ customers turn to Flexera Software as a trusted and neutral source of knowledge and expertise, and for the automation and intelligence designed into our products. For more information, please go to: https://www.flexerasoftware.com.
For more information, contact: Amanda Ingalls +1.949.241.1515 aingalls@flexerasoftware.com
Copyright 2017 Flexera Software LLC. All other brand and product names mentioned herein may be the trademarks and registered trademarks of their respective owners.