SolarWinds details ‘next-gen’ software development process
IT management software provider SolarWinds has announced details of its new next-generation build system, which it says offers a transformational model for software development.
The updated software build process is a key part of the company’s Secure by Design framework, which aims to make SolarWinds a model for enterprise software security.
The company introduced a host of improvements, culminating in a new system that includes both software development practices and technology designed to strengthen the integrity of the build environment.
This includes a unique “parallel build” process, where SolarWinds software development occurs through multiple highly secure paths to establish a baseline for integrity checks.
These improvements to SolarWind’s software development and build process were made over the past year in response to the highly sophisticated SUNBURST cyberattack, which targeted the vendor and a host of other technology companies in December 2020.
To better combat these threats in the future, the company says it has tied its next-generation build system to the “four key tenets” of its Secure by Design principles.
The first – “dynamic operations” – is to create only short-term software build environments that self-destruct after completing a specific task. “Systematic build products” will also be deterministically manufactured so that all newly created by-products will always have identical and secure components.
It will also adhere to a “concurrent build process”, which involves the creation of software development by-products – such as data models – in parallel to establish a basis for detecting unexpected product changes.
Additionally, “detailed records” will track every step of the software’s build for full traceability and permanent proof of record, SolarWinds explained.
A new industry standard
At the time of the SUNBURST attack, the software creation process used by SolarWinds was common in the technology industry. For this reason, the vendor has also announced that it is releasing components of its new build system as open source software.
SolarWinds says the goal is to help other organizations benefit from what it has learned over the past two years and help set a “new industry standard” for secure software development.
“Transparent communication and industry collaboration is the only way to effectively protect our shared cyberinfrastructure against evolving threats,” said Sudhakar Ramakrishna, President and CEO of SolarWinds.
“Our Secure by Design initiative aims to set a new standard in software supply chain security through innovations in build systems and build processes. We believe our customers, peers, and entire industry can also benefit from our practices.”
Face the future of education with confidence
How the shift to digital learning has created an opportunity to meet the needs of every student, always
The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana
Cost savings and business benefits
The Business Value of the Transformative Mainframe
Modernization on the mainframe
Why PCaaS is perfect for modern schools