MetaDefender Software Supply Chain version 2.4.0 now supports two new integrations: GitLab for source code repository scanning, and Jira for improved collaboration and incident response.
These new features help development teams detect and resolve security issues faster while continuously integrating security into the SDLC (software development lifecycle).

GitLab
Integrate security scans for malware, vulnerabilities, and hardcoded secrets into your GitLab repositories to protect your source code.

Jira
Automate your team's collaboration and incident response by having Jira tickets created for suspicious software components.
Jira Integration: Improve Collaboration and Speed Up Incident Response
The new Jira integration helps teams stay informed and respond quickly when security issues arise.
When MetaDefender Software Supply Chain detects malware, vulnerabilities, or hardcoded secrets, users can configure it to automatically generate a Jira ticket. This ticket notifies the team about the issue in the application stack, so that security teams or relevant project members can quickly assess the situation and determine next steps. For example, security teams or assigned Jira project members can receive notifications to prioritize remediation steps.
Connecting Jira to MetaDefender Software Supply Chain is quick and easy. As a Jira admin, simply generate a token to link the two platforms. Then, configure the ticket creation under Workflow > Update Workflow > Jira > Enable.
GitLab Integration for Source Code Repository Security
For organizations using GitLab in the SDLC, integrating MetaDefender Software Supply Chain brings security capabilities directly into your development pipeline. As with other integrations in MetaDefender Software Supply Chain, you can:
- Perform Continuous Scans: Schedule regular scans or trigger them manually for GitLab repositories.
- Analyze Detailed Reports: Gain visibility into vulnerabilities, malware, and hardcoded secrets in your source code.
- View and Generate SBOM Insights: Access a comprehensive SBOM (Software Bill of Materials) to understand the components going into your application stacks, as well as their dependencies and risks.
After a scan for a GitLab repository is completed, MetaDefender Software Supply Chain generates a detailed report accessible from the Reports tab. This report includes:
- A high-level summary of detected issues.
- File-level details for malware, secrets, and vulnerabilities.
- Expandable tree views for in-depth analysis.
- Detailed insights into your software components via the SBOM tab.
How These Integrations Help
The GitLab and Jira integrations are designed to support agile DevSecOps workflows. By embedding security deeper into the software supply chain, organizations and software teams can:
- Detect Risks Early in the SDLC: With continuous scanning, security issues are identified earlier in the development cycle.
- Automate Incident Resolution: Jira automation speeds up incident response, ensuring teams stay informed and can act quickly.
- Enhance Collaboration: Both integrations improve communication and collaboration across development and security teams.
About MetaDefender Software Supply Chain
MetaDefender Software Supply Chain enhances your DevSecOps pipeline by scanning every software library, including open-source third-party components, to identify security threats and vulnerabilities. With our detection and prevention technologies, your SDLC is protected from malware and vulnerabilities to strengthen application security and compliance adherence.
Release Details
- Product: MetaDefender Software Supply Chain
- Release Date: 18 September 2024
- Release Notes: 2.4.0
- Download from OPSWAT Portal