An Evidence Store for Supply Chain and DevOps Intelligence
A Comprehensive View of Your Organization's Security Profile
Today’s software security tools gather data for mostly low-level ‘objects’ causing critical AI intelligence to be stored across siloed logs and tools. There is currently no way to consolidate the intelligence of multiple security tools for building AI threat models, generating pipelines or automating a rapid response system.
Our mission is to defend the software supply chain by federating open-source software security intelligence creating AI threat models and a rapid response system designed for both consumers and producers of publicly shared software. Ortelius is an evidence store that federates supply chain and DevOps intelligence providing an end-to-end view of an organization’s security profile. Ortelius tracks and versions DevOps and security details for every component of your software supply chain. This data is then collected and aggregated to the ’logical’ applications, organizational Domains, and deployed environments giving you a sweeping view of your organization’s security insights. With Ortelius, you can easily answer the question, “where is Log4J running?”
The latest version of Ortelius is maintained by the Ortelius Community managed by the Continuous Delivery Foundation (Linux Foundation). The Ortelius mission is to provide a comprehensive view of your organizations security profile using a world-class microservice catalog driven by a supportive and diverse global open source community. Corporate support comes from DeployHub with 80% of the codebase from DeployHub’s Microservice Catalog.
Continuous Versioning of Your Software Composition
Get Involved
Ortelius Features
| Federated SBOMs | |
| Domain Security Profiles | |
| Blast Radius Reporting | |
| Component ‘Drift’ Analysis | |
| Open-Source Package Transparency | |
| Component Versioning |
| Centralized Security Insights | |
| Federated CVE Reporting | |
| Supports hybrid environments | |
| Integration with Deployment Engines | |
| Integrates into DevOps Pipelines | |
| Easily extendable |
Abraham Ortelius – Our Inspiration
Abraham Ortelius made his name by collecting data from scientists, geographers, and cartographers of his time and transforming it into what the world now knows as a world Atlas. His Atlas, titled Theatrum Orbis Terrarum (Theatre of the World), was published on May 20, 1570. His Atlas disrupted the way the world was seen, with the first concepts imagining continental drift. Also of interest are the sea monsters shown in the water – mythical creatures that were a subject of fascination in Ortelius’ generation.
A Thought Leader in Sharing
Ortelius also in some ways created on open source community of his day. To accomplish his goal, he was the first cartographers to give credit to his fellow scientists by adding their names to the Atlas. Ortelius was known to have corresponded with other professionals throughout Europe and pulled together their knowledge to create his publication and a truly global view of the world.
Thank you Abraham Ortelius for showing us the way.