SBOMs & Attestations

SBOMs & Attestation Requirements

The White House’s mandates require U.S. agencies to obtain Software Bills of Materials (SBOMs), as well as attestations, for any software that touches government data or systems in any way by June 2023.

Here’s how the ActiveState Platform can help you meet these standards while maintaining or even accelerating your time to market:

  • Automates the creation of lightweight JSON or SPDX SBOMs of your runtime and packages, conforming to US government standards.
  • Validates the integrity of all open source components used in a software application, enabling users to verify that it was built in a secure manner using uncompromised code.
  • Automatically builds runtime environments from source code using a secure build service that supports the security and integrity controls defined in the highest level of the SLSA framework.
  • Employs up-to-date vulnerability and dependency status indicators for all packages, ensuring that you and your team are always using secure, compatible package components.

Get a Demo

Contact us for a 30-minute demo of the Platform’s features and see how we secure your open source software.

End-to-end security

Implement software supply chain security from end to end. The ActiveState Platform is built to handle the unique needs of your organization, making it easy to secure and de-risk your use of open source software. See how the ActiveState Platform integrates with your existing workflow, providing runtimes built securely from source code that feed directly into your dev and CI/CD environments.

How the ActiveState Platform Fits in the SDLC