SolarWinds, a provider of simple, powerful, and secure IT management software, has announced the release of its new Next-Generation Build System, a game-changing model for software development. The new software development process is an important part of the company’s Secure by Design initiative, which aims to make SolarWinds a model for enterprise software security.
Improvements to the software development and build processes were made at a rapid pace over the last year in response to the highly sophisticated SUNBURST cyberattack, which targeted SolarWinds and other technology companies. The Next-Generation Build System incorporates new software development practices as well as technology to strengthen the build environment’s integrity. This includes the first-of-its-kind “parallel build” process, in which SolarWinds® software is developed through multiple highly secure duplicate paths to provide a foundation for integrity checks.
Because the software build process used by SolarWinds during the SUNBURST attack is common throughout the technology industry, SolarWinds is releasing components of the new build system as open-source software, allowing other organizations to benefit from the company’s learnings and contribute to the establishment of a new industry standard for secure software development.
“Communicating transparently and collaborating within the industry is the only way to effectively protect our shared cyber infrastructure from evolving threats,” said Sudhakar Ramakrishna, president and CEO, SolarWinds.
“Our Secure by Design initiative is intended to set a new standard in software supply chain security via innovations in build systems and build processes. We believe our customers, peers, and the broader industry can also benefit from our practices.”
SolarWinds aligned the Next-Generation Build System with four key Secure by Design tenets:
● Dynamic operations: Building only short-term software build environments that self-destruct after completing a specific task.
● Systematic build products: Ensuring build products can be made deterministically so any newly created byproducts will always have identical, secure components.
● Simultaneous build process: Creating software development byproducts, such as data models, in parallel to establish a basis for detecting unexpected modifications to the products.
● Detailed records: Tracking every software build step for complete