Scribe - E2E Software Supply Chain Security
Computer and Network Security | Tel Aviv, Israel | 11-50 Employees
Scribe is a holistic software supply chain platform for managing SDLC risk and securing your software factory and products from development to deployment. We implement zero trust, continuous assurance, attestation concepts, and SDLC-guardrails-as-code to enhance products’ security and trustworthiness while reducing friction with development teams and speeding up your time to market.
• DISCOVER all software assets, lineage and risk posture and gain complete visibility to your AppSec risk by applying BI & AI to an evidence-based SSC-inclusive repository.
• MITIGATE preemptively SSC risks in your software factory and artifacts by auto-enforcement of SSC policy (SDLC guardrails).
• PREVENT software tampering attacks by automating continuous code signing and in-toto attestations.
• DEMONSTRATE compliance adherence with SSC frameworks (e.g. SLSA) and regulations (e.g. SSDF) by automatically generating and collecting signed evidence from CI/CD pipelines.