Jetstack Announces Industry-First Software Supply Chain Security Toolkit

Interactive, web-based guide offers clarity and a path for teams securing software supply chains

LONDON, May 17, 2022–(BUSINESS WIRE)–Jetstack, a Venafi company and leader in cloud native, open source and strategic consulting products and services, today announced the availability of an easy-to-use, interactive and comprehensive toolkit for securing modern software supply chains. The visual, web-based resource is available to everyone and is designed to help organizations evaluate and plan the critical steps they need to address effective software supply chain security. Software supply chain security has become an increasingly important concern for all organizations. After the attack against SolarWinds at the end of 2020 that affected more than 1800 companies, software supply chain attacks increased more than 300 percent in 2021.


“Most companies now understand the urgency and importance of strengthening the security of the software they consume and develop,” said Matthew Bates, chief technology officer for Jetstack. “The problem is that it is very difficult to identify and prioritize the changes that need to be made while also managing the competing priorities of their development and security communities. It is very hard to figure out how to continuously increase development velocity and reduce time to deployment while, at the same time, improving control, visibility and security. Our toolkit helps development and security teams quickly figure out where to start by identifying the difficulty and impact associated with specific security controls.”

The Software Supply Chain toolkit consolidates information and recommendations from several frameworks and whitepapers that each provide detailed guidance for software supply chain security, including:

The interactive toolkit presents the guidance from these frameworks broken down into four key areas: build pipelines, source code, provenance and deployment. Recommendations from each section include insights on priority and complexity along with links to the original open source toolsets that can help with that particular recommendation.

“Software supply chain attacks target a whole range of vulnerabilities at different points in the software life cycle,” said Steve Judd, senior solutions architect for Jetstack and the developer of the toolkit. “Solving these challenges requires going through a whole range of controls that go well beyond a software bill of materials (SBOM), which is just one of the 54 recommendations. The Software Supply Chain toolkit is a new kind of collaboration with the open source community designed to help the industry build proactive and preventative solutions that are purpose built for current and emerging development processes.”

Visit software-supply-chain/ to view the toolkit.

About Jetstack

Jetstack, a Venafi company, is a cloud native products and strategic consulting company working with enterprises using Kubernetes and OpenShift. Venafi is the cybersecurity market leader and innovator of machine identity management.

An open source pioneer, Jetstack has achieved notable industry recognition as the creator of cert-manager, which is the open source industry standard for cloud native machine identity management. Jetstack’s open source products and solutions protect the application environments and platform infrastructure of global banks, multinational retailers and defense organizations.

Venafi and Jetstack are pioneers of enterprise machine identity security, and Jetstack gives enterprise platform and security teams the power to build, scale and secure their cloud native infrastructure for advanced developer automation, workload protection and application innovation.




Shelley Boose

Kim Myers