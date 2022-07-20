NEW YORK, July 20, 2022 /PRNewswire/ -- Winmill Software has announced that Ben DiMolfetta, client solutions architect for Winmill, has won Veracode's "Best Video Series in Demonstrating Software Composition Analysis (SCA)" video contest. The eight-part video series Ben created summarizes how to use Veracode to run a software composition analysis, analyze the results, and create a trackable ticket for removing cyber attack vulnerabilities.

Ben DiMolfetta

In the video series developed by Ben, viewers are shown how to use Veracode SCA to generate a software bill of materials that can be used to identify applications that might be vulnerable to cyber attacks. Veracode SCA then makes recommendations for remedying each vulnerability, such as installing a newer version of the software or code. Veracode's platform also analyzes whether an application is using the correct license.

Ben also created a video showing how this scanning tool can be run in PowerShell utilizing the SCA Agent. Ben's video shows how to integrate SCA Agent into the JIRA Cloud ticket and process flow. All of this gives developers a more robust set of tools for vulnerability remediation, including the ability to create JIRA tickets or stories that will help developers secure their applications.

Software Supply Chains Introduce Vulnerabilities to Cyber Attacks

Today, every organization depends on a variety of applications. Some are created in-house, some are commercial third-party applications, and some are open-source. All of these combined make up what is referred to as the software supply chain.

Forrester reported in 2020 that an average of 75 percent of audited application code bases was open-source applications. This heavy dependence on open-source applications has created a critical need to be able to identify vulnerabilities in these applications and the solutions to those vulnerabilities.

A software bill of materials, created via a software composition analysis, is the best way to protect your software supply chain. Veracode SCA enables you to do this accurately and easily. In partnership with Veracode, Winmill uses its security expertise to help identify software components and dependencies that create vulnerabilities, offer remediation guidance, and actively manage licensing and compliance risks.

About Winmill Software

Winmill provides industry-leading Cybersecurity, Cloud, Application Development, and DevOps services. Winmill partners with the best application security solutions on the market to provide specialized product expertise to its clients. Winmill is a Focus Partner of Veracode, and uses Veracode solutions to help organizations develop secure software and build advanced application security programs that reduce risk of security breaches and accelerate their business growth.

About Veracode

Veracode is a leading AppSec partner for creating secure software, reducing the risk of security breach, and increasing security and development teams' productivity. With its combination of process automation, integrations, speed, and responsiveness, Veracode helps companies get accurate and reliable results to focus their efforts on fixing, not just finding, potential vulnerabilities.

