Flexera Reimagines Open Source Vulnerability Detection with FlexNet Code Insight


Secunia Advisories Now Integrated into Open Source License and Vulnerability Detection Platform, Reducing Risk that Suppliers Will Ship Vulnerable Open Source Components to Their Customers

Maidenhead, U.K. – Dec. 18, 2017 – Flexera, the company that’s reimagining how software is bought, sold, managed and secured, today announced that its world-renowned Flexera Software Vulnerability Database is now integrated into FlexNet Code Insight – the market-leading open source license and vulnerability detection platform. The integration gives software developers unparalleled insight into vulnerabilities that may lurk within their open source code, and the ability to remediate those vulnerabilities before shipping their products to customers.

Flexera Security Vulnerability Exposure
Flexera Security Vulnerability Exposure
“Finding open source security vulnerabilities in packages, all the way to deep dependencies, has always been a priority for Flexera,” said Jeff Luszcz, Vice President of Product Management at Flexera. “This integration gives developers access to the deepest and most trusted vulnerability database in the world to help them minimise vulnerability risk. Our customers can leverage the combined strength of FlexNet Code Insight, powered by the National Vulnerability Database (NVD) and the Flexera Software Vulnerability Database, to significantly reduce the risk window between identifying and remediating vulnerabilities – before exploitation leads to costly breaches.”

Better Vulnerability Data Helps Close the Risk Window
The use of open source components in software development is skyrocketing. A decade ago, developers were using less than 100 open source libraries per release. Today, some industries are using more than 3,000. As open source dependency increases, software suppliers need to help ensure a safer software supply chain by truly understanding the vulnerability risk and compliance requirements they’re inheriting from the open source code they use.

As many companies have discovered the hard way, there’s an unacceptable risk window that persists between the discovery of a software vulnerability and when the patch is successfully installed. According to Flexera’s Vulnerability Review 2017, 17,147 vulnerabilities were recorded in 2,136 products from 246 vendors. 81 percent of those vulnerabilities had patches available on the same day as disclosure. But, on average, it takes companies 186 days to completely install those patches[1]. This risk window gives hackers plenty of opportunity to exploit vulnerabilities, and perpetrate attacks with costly consequences to businesses.

Flexera Software Vulnerability Database powers its market-leading Software Vulnerability Management solutions. By integrating this powerful database with FlexNet Code Insight, Flexera gives developers unparalleled ability to protect themselves and their customers from the potentially devastating effects arising when open source vulnerabilities are exploited.

With today’s announcement, FlexNet Code Insight is narrowing the risk window – providing comprehensive intelligence on discovered vulnerabilities. Organisations can now protect their products – and their customers – faster by identifying vulnerabilities as soon as they’re made public. Armed with better information, sooner, they’re then in a much better position to assess, prioritise and patch vulnerabilities before they’re exploited. Additionally, FlexNet Code Insight is able to alert development and security teams when new vulnerabilities are discovered in already shipping software.

“After the Equifax breach, which was caused by an exploitation of the Apache Struts 2 open source component, the world now understands the dire risks that occur when software suppliers unknowingly ship vulnerable components in their products, endangering the software supply chain,” added Luszcz. “Flexera now offers the most powerful tools available to help suppliers avoid that liability.”

[1] Verizon’s 2016 Data Breach Investigations Report

Follow us on


About Flexera
Flexera is reimagining the way software is bought, sold, managed and secured. We view the software industry as a supply chain, and make the business of buying and selling software and technology asset data more profitable, secure, and effective. Our Monetisation and Security solutions help software sellers transform their business models, grow recurring revenues and minimise open source risk. Our Vulnerability and Software Asset Management (SAM) solutions strip waste and unpredictability out of procuring software, helping companies buy only the software and cloud services they need, manage what they have, and reduce compliance and security risk. Powering these solutions and the entire software supply chain, Flexera has built the world’s largest and most comprehensive repository of market intelligence on technology assets. In business for 30+ years, our 1200+ employees are passionate about helping our 80,000+ customers generate millions in ROI every year. Visit us at www.flexera.com.

About Secunia Research@Flexera
Secunia Research at Flexera is a research team with globally recognised expertise in discovering, verifying, testing, validating and documenting vulnerabilities on tens of thousands of applications and systems. Our experts work under strict ethical guidelines and collaborate with the research community and software producers to guarantee the quality of the vulnerability information we document.

For more information, contact:
Vidushi Patel/ Nicola Males
Vanilla PR
prflexera@vanillapr.co.uk
+44 7958474632 / +447976652491

Have any Question or Comment?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

::::::::::::::::::::::::::::::::::3451:::::::::::::::::::::::::::::::::;;

::::::::::::::::::::::::::::::::::6733:::::::::::::::::::::::::::::::::;;

:::::::::::::::::::::::::::::925:::::::::::::::::::::::::::::::

TRIO STEEL IS ONE OF THE MOST TRUSTED BRAND AND LEADING EXPORTER AND SUPPLIER OF CARBON STEEL, ALLOY STEEL & STAINLESS STEEL PIPES & PIPE FITTINGS MATERIAL. Triosteel is one of the leading Suppliers and Exporters of API 5L Pipe in Singapore. Triosteel also Exports to many countries like Indonesia, Iran, Saudi Arabia & many more. An API 5L pipe is manufactured by adhering to the specifications laid down by the International Organization for Standardization (ISO) 3183.

::::::::::::::3453:::::::::::::

2780

buy! buy! CHEAP! Telefonie VoIP CHEAP! buy! buy! CHEAP!

2781

buy! buy! CHEAP! Telefonie VoIP CHEAP! buy! buy! CHEAP!

——————————————–

For the 2012 MLB period, we found an totals forecast Joao’s Renowned Over/Under João Zorro Gonçalves, Zcode Totals Pro, System of the time with progressions that have been successful over 98 98% ... We eventually perfected our over/under program ( Zcodesystemexclusive ), although it h-AS has brought years of investigation. Five Steps to Making a Winning MLB Method: 1. Execute appropriate cash management tools. 2. MLB rules that are comprehend. 3.Extensive testing back to make sure successful longterm results ...

——————————————–

There is always a challenge when you're dealing with the Foreign Exchange Market. That's just the nature of the beast. The best thing you can do is to learn about how the market operates as a whole so that you will be ready to meet these challenges. iq option penipu Never be misled by any profit gains in binary options. This is the number-one way traders end up losing their money and ultimately failing. Remember that the same things that make you laugh can make you cry in this market, and you can lose that $700.

——————————————–

Learning Polish has never been this fun and easy as with our podcasts Learn Polish with Polishpod101 Start today and become conversational in Polish in no time

——————————————–

The Best Website Agen Poker Resmi www.sakupoker.com Terpercaya come join

——————————————–

Do you need edmonton phone systems service ? Call complete communications today!

——————————————–

High-tech solutions for easy start-up of your IPTV/OTT-business

——————————————–

——————————————–

If you want to purchase not only one item, you have a chance to enjoy privileges. There is a sale’ tab on the site which offers a fantastic range of reduced counterfeit watches and accessories, such as sunglasses, cufflinks, watch straps and pens. Luxury Jewelry Replica At MCA.MN On Sale You get a 5% discount if you buy two pieces, this discount increases to 10% if you buy 4 pieces or more. There is free international shipping on all orders on this site. We also offer customers a free return anytime with a 100% money back guarantee.

——————————————–

:::::::::::::::::3452:::::::::::::::::::