OSSPolice
Industry: Open-source security software
Open-source software (OSS), which substantially reduces development cost and time, has become increasingly popular with companies in recent years. However, bugs and vulnerabilities can not only jeopardize the effectiveness of the software but also endanger sensitive data and give hackers an opening to propagate malware. Businesses today are forced to spend resources thoroughly analyzing OSS packages for code quality and security risks before importing them.
OSSPolice, built over the years as part of two doctoral dissertations, can swiftly vet OSS packages for both known security risks and underlying code weaknesses. This comprehensive risk-assessment package is far superior to existing services, shortening analysis from days to minutes, and giving 10x higher selection confidence.
The customer for OSSPolice is hypothesized to be medium-sized firms in highly regulated industries (finance, healthcare, etc.). OSSPolice has demonstrated its superiority by collecting 135,000 OSS packages and analyzing 1.6 million Android apps to flag over 100,000 apps with severe vulnerabilities.