A Central Vulnerability Evidence Store for DevSecOps

You Should Always Know Where Log4J is Running


The Ortelius community is dedicated to strengthening the software supply chain by identifying weak links and continuously analyzing vulnerabilities introduced throughout the DevSecOps pipeline. To effectively manage code-level risks, Software Bill of Materials (SBOM) reports must be actively consumed and scanned for new threats that emerge daily. Simply generating an SBOM isn’t enough—analyzing and acting on the data is essential for a secure supply chain.

Many IT teams struggle to respond to security threats due to fragmented intelligence spread across various tools, often managed only at the container level. Ortelius streamlines this process by gathering and aggregating security and DevOps intelligence, tracking open-source inventory and vulnerabilities at higher organizational levels, including logical applications, runtime environments, and entire domains.

With Ortelius, you can easily answer the question, “Where is Log4J running?”

The latest version of Ortelius is maintained by the Ortelius Community, which is managed by the Continuous Delivery Foundation, part of the Linux Foundation. Corporate support comes from DeployHub, with 80% of the codebase coming from DeployHub’s Continuous DevSecOps Intelligence Dashboard.

Ortelius Vulnerability Evidence Store

Join the Ortelius Holiday Gathering December 11th, 2024


Holiday Party

Time to Celebrate our Committers

Join us on Wednesday, December 11th, 2024 for our annual holiday gathering.

Why You Should Attend:

  • Show your support for our dedicated Committers.
  • Learn how to gather SBOM data via the CI/CD Pipeline.
  • See how Ortelius leverages SBOM data to expose newly reported vulnerabilities across your Software Supply Chain.

Agenda

8:30-9:30 Beer and Donuts: Celebrate the dedicated committers that make up the Ortelius Family. Awards will be given to top Ambassadors, Champions and Legends.

9:45-11:30 Uncovering Code-Level Vulnerabilities: Strengthening Your CI/CD Pipeline for Continuous Vulnerability Management. Take a tutorial that walks you through how to manage vulnerabilities in real time with Ortelius, and see how Ortelius serves as a single dashboard for security reporting, including OpenSSF Scorecard metrics.

Learn More About Ortelius


Continuous Software Supply Chain Versioning


Supply Chain Evidence


Logical Application Tracking


Get Involved:


Contribute


Open an Issue


Attend Our Community Meetings and Events


Abraham Ortelius – Our Inspiration


Abraham Ortelius made his name by collecting data from scientists, geographers, and cartographers of his time and transforming it into what the world now knows as a world Atlas. His Atlas, titled Theatrum Orbis Terrarum (Theatre of the World), was published on May 20, 1570. His Atlas disrupted the way the world was seen, with the first concepts imagining continental drift. Also of interest are the sea monsters shown in the water – mythical creatures that were a subject of fascination in Ortelius’ generation.

A Thought Leader in Sharing

Ortelius also, in some ways, created an open source community of his day. To accomplish his goal, he was the first cartographer to give credit to his fellow scientists by adding their names to the Atlas. Ortelius was known to have corresponded with other professionals throughout Europe and pulled together their knowledge to create his publication and a truly global view of the world.

Thank you, Abraham Ortelius, for showing us the way.