Palamida, Inc.,: Security Software Solutions for Managing Open Source Code

Today, open source is playing a vital role in software development. More than 50 percent of software products are comprised of code originating from an open source medium for speeding up a company’s development process. However, as it can be freely used, modified, and shared by anyone and from anywhere, Open Source Software (OSS) often makes firms vulnerable to bugs, malicious users, and security risks. Hence, it becomes difficult for a company to identify the risks and increases the uncertainty caused by unknown and undocumented third-party content. Palamida provides complete visibility into customer codebases and helps customers take advantage of an Open Source based development strategy while at the same time managing license and vulnerability risks.

Headquartered in San Francisco, CA, Palamida helps organizations manage the use of Open Source and other third party code within their software applications. “As awareness grows about the benefits and risks of an Open Source based development strategy, more and more organizations come to the conclusion that a framework for consuming (and contributing to) open source projects is an important element of their development infrastructure,” explains Mark Tolliver, CEO, Palamida. The company’s professional services team helps organizations deal with OSS compliance programs and provides them with confidential, accurate, and timely analysis for pre and post mergers and acquisitions, divestitures, and internal baseline projects.

Our products are centered around a special purpose search engine optimized for tracking undocument code

Working on OSS, Palamida delivers end-to-end solutions to organizations and keeps them up-to-date on their license status, vulnerability, and other software information. “In the case an organization focuses on scanning and analyzing source and binary code, we offer Palamida Standard Edition,” says Tolliver. The Standard Edition enables enterprises to scan and analyze the source and binary code to effectively secure and manage open source or other third-party code. “It helps both small and large organizations as it can run on a single laptop or a higher capacity server,” says Tolliver.
Mark Tolliver, CEO
Focusing on their customer’s need, if an organization wishes to start their compliance program with a focus on developer disclosure instead of scanning, Palamida Governance Edition is their best fit. The Governance Edition allows software developers to request and receive authorization to use open source components, maintain information based on license, modifications and other relevant data. “Our products are centered around a special purpose search engine optimized for tracking undocument code. We have indexed over 100 terabytes of open source software so that we can accurately identify the open source components in a code base,” explains Tolliver.

Palamida enables organizations to use and reuse codes from various sources, and in doing so, the firm helps its customers reduce the risk of license violations, software vulnerabilities, and export control violations. With a decade of experience working with software security solutions, Palamida has assisted numerous enterprises to minimize the growing vulnerability in the OSS arena. For instance, Palamida recently dealt with a customer having a large number of software products. Palamida’s solutions helped the client to remove the OpenSSL vulnerabilities they faced, and also reduced the rise of undocumented open source code.

Furthermore, Palamida’s uniqueness lies in delivering the most comprehensive and accurate solutions, allowing organizations to manage and secure their applications and products in a cost-effective manner. Tolliver believes that competition keeps everyone on their toes; the difference between Palamida and its competitors is Palamida’s deep focus on delivering the most comprehensive, and accurate solutions.

The robustness of Palamida’s solutions is the reason behind their success. The firm aims at developing and automating their products, while maintaining the quality of detection. “We’re at a point where our solution is becoming a key part of the development environment and we want to make it a seamless part of building software,” concludes Tolliver.

Palamida, Inc.,

San Francisco, CA

Mark Tolliver, CEO

Provides complete visibility into the codebase of their customer’s software applications running on open source software.