We are very excited to announce the GA release of SourceClear Custom Policies. Custom Policies improves issue remediation and allows you to take greater control of your software delivery workflow.
Why Do You Need Custom Policies?
More than ever, development groups are relying heavily on open source software libraries to provide a rich feature set that can’t be built from scratch in a reasonable time. Those same time constraints mean that DevOps pipelines often omit security testing, while those that include it can be overwhelmed with too many issues to remediate.
Using software composition analysis tools like SourceClear turns the DevOps pipeline into DevSecOps, which solves the first problem. Now, with the release of Custom Policies, you can fine tune the remediation signal-to-noise ratio to your company’s needs, removing the second obstacle.
What Can Custom Policies Do?
SourceClear has always had a security policy under the hood that created an issue each time we identified