IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Google unveils new Assured Open Source Software service

New offering aims to protect enterprise customers using the same end-to-end security capabilities that Google uses for its own OSS portfolio

Google has announced its new Assured Open Source Software service as part of the tech giant’s drive to help organizations strengthen their OSS supply chain.

Expected to enter Preview in Q3, the Google Cloud product has been designed to enable enterprises and public sector users of open-source software to easily incorporate the same OSS packages that Google uses in its developer workflows.

Related Resource

What is contextual analytics?

Creating more customer value in HR software applications

Whitepaper cover with data dashboard imageFree Download

“Assured OSS lets organizations benefit from Google’s extensive security experience and can reduce their need to develop, maintain, and operate complex processes to secure their open source dependencies,” Google said in a blog post.

The offering forms part of Google’s efforts to help make the open-source software ecosystem more secure. Packages curated by the Assured OSS service will be regularly scanned, analyzed, and fuzz-tested for vulnerabilities, while corresponding enriched metadata will incorporate Container/Artifact Analysis data.

They will also be built with Cloud Build, including evidence of verifiable SLSA-compliance, verifiably signed by Google, and distributed from a secure and protected Artefact Registry.

Ultimately, Google said it is aiming to centralize control and actively secure each stage of the software supply chain for an open-source dependency.

“Assured OSS allows enterprise customers to directly benefit from the in-depth, end-to-end security capabilities and practices we apply to our own OSS portfolio by providing access to the same OSS packages that Google depends on,” the company added.

“Users will also be able to submit packages from their own OSS portfolio to be secured and managed through the Google Cloud managed service.”

Additionally, Google Cloud has announced a new collaborative effort with cybersecurity firm Snyk to further help developers understand their open source dependencies, as well as use Assured OSS to reduce their risk.

Assured OSS will be natively integrated into Snyk solutions for joint customers to use wherever they are developing code, Google said, while Snyk vulnerabilities, triggering actions, and remediation recommendations will be available within Google Cloud security and software development life cycle tools.

“The collaboration can help developers reduce the possibility of deploying open-source software with critical vulnerabilities, more quickly identify associated impact of vulnerabilities, better eliminate new threat exposures, and increase automation of their remediation activities,” Google explained.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Logicalis snaps up UK-based IT consultancy Q Associates
mergers and acquisitions

Logicalis snaps up UK-based IT consultancy Q Associates

9 Aug 2022
Nvidia revenue falls short of expectations in Q2
Hardware

Nvidia revenue falls short of expectations in Q2

9 Aug 2022
Fastly appoints Cisco's Todd Nightingale as new CEO
chief executive officer (CEO)

Fastly appoints Cisco's Todd Nightingale as new CEO

5 Aug 2022
Microsoft unveils new threat intelligence and surface management solutions
cyber security

Microsoft unveils new threat intelligence and surface management solutions

3 Aug 2022

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Samsung proposes 11 Texas semiconductor plants worth $191 billion
Hardware

Samsung proposes 11 Texas semiconductor plants worth $191 billion

21 Jul 2022
Should you take your password manager off the internet?
Sponsored

Should you take your password manager off the internet?

28 Jul 2022