DevSecOps Pipeline Integration Solution

DeployHub collects release data from GitHub, GitLab, GitOps, and Kubernetes logs for every workflow release, creating a configuration digital twin of what is running, where it is deployed, and who owns it. If an SBOM is not generated in the pipeline, DeployHub can generate one automatically. It then synchronizes release data with OSV.dev every ten minutes to provide continuous visibility into newly disclosed CVEs impacting operational endpoints.

devopsdetials
Build, Git and Helm Details

The DeployHub Platform

devsecops detials
Build, Git and Helm Details

DevSecOps Pipeline Integrations

If you are not already generating an SBOM as part of your DevSecOps Pipeline integration, DeployHub’s integration with Syft can transform your DevOps pipeline to a DevSecOps platform.

DeployHub’s Continuous Vulnerability Management can consume CycloneDX formatted SBOMs. If you are already generating SBOMs, you will pass the name of the SBOM results to DeployHub Pro.

DeployHub’s Continuous Vulnerability Management can consume any SPDX formatted SBOM. If you are already generating SBOMs, you will pass the name of the SBOM results to DeployHub Pro.

DeployHub uses OSV.Dev to continuously monitor the vulnerabilities of your Components and Applications within your software supply chain. DeployHub Pro scans for new vulnerabilities every 10 minutes turning your DevOps pipeline into a DevSecOps platform that generates continuous vulnerability detection.

DeployHub watches the GitOps repo for new releases, and gathers endpoint deployment metadata to map a release to an endpoint.

You can configure DeployHub to call out to a Git Repo to pull deployable artifacts (binaries, scripts, etc.) as part of your deployment. The process will check out your deployable artifacts based on commit, branch or tag specified.

Learn More

DeployHub consolidates OpenSSF Scorecard results into a single dashboard, mapping project security scores to applications, services, environments, and owners so teams can quickly identify risk, prioritize fixes, and prove continuous open-source governance.

Learn More

Platform Comparison

Here’s how DeployHub compares to Traditional SCA, Scanners, and SAST.

Capability DeployHub Traditional SCA Container Scanners SAST
Maps CVEs to deployed applications Yes Limited Container-only No
Shows where vulnerable packages are running Yes No Limited No
Tracks ownership and blast radius Yes Limited Limited No
Uses SBOMs after deployment Yes Limited Limited No
Supports agentless operational visibility Yes Usually no Usually no No

Features

A Automated Vulnerability Detection Platform to help you remediate fast.

Gather & ingest

For every release, DeployHub unifies SBOMs, build metadata, binary repos, and deployment data into a single evidence store, pinpointing exactly where each CVE affects your live systems.

Detect & correlate

DeployHub’s automated vulnerability platform matches live versions and deployed services with known CVEs, leveraging intelligence from vulnerability feeds such as OSV.dev.

Open-source and third-party component risk

Identify vulnerable open-source modules in use, correlate to live services for fast remediation.

Post-deployment surveillance

DeployHub detects when a newly disclosed CVE impacts a version you already released, automatically flag and route to patch workflow.

Expose Drift

DeployHub’s automated vulnerability detection platform exposes drift by identifying multiple component versions running across environments, enabling rapid remediation, vulnerability management, and version consistency.

Risk-based prioritization

Our Automated vulnerability detection platform helps you focus on what matters, high risk and critical vulnerabilities, not noise.

ortelius-stacked-color-small

Take A Tour

See Automated Vulnerability Detection In Action

Explore Ortelius SaaS and experience automated vulnerability detection in action with a quick, hands-on overview. DeployHub is based on Ortelius OS. Ortelius is incubating at the Continuous Delivery Foundation. 

Explore DeployHub

Explore Other Use Cases

DevSecOps tool for security sharing

Detect Vulnerabilities in Live Systems

Continuously monitor security across your entire application portfolio.

DevOps Tool for Exposing Open-Source

Attack Surface Visibiity

Attack Surface Visibility & Monitoring for Open-Source Software Security

 

DevSecOps Tool SBOM Sharing

Respond Faster Using SBOM Intelligence

Aggregate SBOMs and instantly comply with executive order 14028.