A specialist in products and services for managing open source software licenses, Protecode (News - Alert) has announced that users of its open source scanning products can now detect, flag, and react quickly to risks posed by security vulnerabilities against Heartbleed and certain versions of OpenSSL packages.
Organizations can now alleviate damage from security fears using Protecode products, designed particularly to detect and report on open source security vulnerabilities within an organization's code portfolio.
Protecode officials said that the company’s open source information-mining processes follow the National Vulnerability Database (NVD) and their reference Global IP Signatures (GIPS) database are automatically updated to redirect the security vulnerabilities against certain versions of OpenSSL package.
"Protecode takes security vulnerabilities very seriously -- that's why we have built a set of tools that allow us to detect new vulnerabilities, such as those relevant to Heartbleed, and make them available to our customers as quickly as possible," said Normand Glaude, COO, Protecode.
Users of Protecode's publicly-accessible GIPS database need not worry as their information has been updated automatically. The company also suggests that users of its open source scanning solutions should select the packages in their portfolio including the OpenSSL package for autonomous security vulnerability updates. This will enable the users to get alerts about the new vulnerabilities as reported by NVD.
Protecode clients using the GIPS database within their enterprise networks can now download the new data.
The popularity of Protecode products among users is because they are built for ease-of-use, integration as well as minimal intrusion into existing development processes.
Protecode is headquartered in Ottawa, Canada with partners worldwide and its products have been deployed in hundreds of organizations worldwide.