An Evidence Store for Supply Chain and DevOps Intelligence

A Comprehensive View of Your Organization's Security Profile

Today’s software security tools gather data for mostly low-level ‘objects’ causing critical AI intelligence to be stored across siloed logs and tools. There is currently no way to consolidate the intelligence of multiple security tools for building AI threat models, generating pipelines or automating a rapid response system.

Our mission is to defend the software supply chain by federating open-source software security intelligence creating AI threat models and a rapid response system designed for both consumers and producers of publicly shared software. Ortelius is an evidence store that federates supply chain and DevOps intelligence providing an end-to-end view of an organization’s security profile. Ortelius tracks and versions DevOps and security details for every component of your software supply chain. This data is then collected and aggregated to the ’logical’ applications, organizational Domains, and deployed environments giving you a sweeping view of your organization’s security insights. With Ortelius, you can easily answer the question, “where is Log4J running?”

The latest version of Ortelius is maintained by the Ortelius Community managed by the Continuous Delivery Foundation (Linux Foundation). The Ortelius mission is to provide a comprehensive view of your organizations security profile using a world-class microservice catalog driven by a supportive and diverse global open source community. Corporate support comes from DeployHub with 80% of the codebase from DeployHub’s Microservice Catalog.

Continuous Versioning of Your Software Composition


Read more …

Supply Chain Data

Read more …

Logical Application Tracking

Read more …

Get Involved


Read more …

Open an Issue

Read more …

Attend Out Community Meetings and Events

Read more …

Ortelius Features

Federated SBOMs
Domain Security Profiles
Blast Radius Reporting
Component ‘Drift’ Analysis
Open-Source Package Transparency
Component Versioning
Centralized Security Insights
Federated CVE Reporting
Supports hybrid environments
Integration with Deployment Engines
Integrates into DevOps Pipelines
Easily extendable

Abraham Ortelius – Our Inspiration

Abraham Ortelius

Abraham Ortelius made his name by collecting data from scientists, geographers, and cartographers of his time and transforming it into what the world now knows as a world Atlas. His Atlas, titled Theatrum Orbis Terrarum (Theatre of the World), was published on May 20, 1570. His Atlas disrupted the way the world was seen, with the first concepts imagining continental drift. Also of interest are the sea monsters shown in the water – mythical creatures that were a subject of fascination in Ortelius’ generation.

A Thought Leader in Sharing

Ortelius also in some ways created on open source community of his day. To accomplish his goal, he was the first cartographers to give credit to his fellow scientists by adding their names to the Atlas. Ortelius was known to have corresponded with other professionals throughout Europe and pulled together their knowledge to create his publication and a truly global view of the world.

Thank you Abraham Ortelius for showing us the way.