International life sciences and healthcare platform provider, Vitrana, has significantly decreased open-source software (OSS) security vulnerabilities by over 66% with the use of CAST Highlight's software intelligence technology. Vitrana, whose global clientele encompasses notable entities such as Bayer, Pfizer, and Temple University AstraZeneca, has successfully utilised CAST Highlight's software composition analysis (SCA) capability to obtain extensive insights into their portfolio composition.
Vitrana used this technology to seamlessly control 15 critical applications, manage their software supply chains, open-source components and dependencies, and notably reduce OSS vulnerabilities by over two-thirds, all without creating any disturbance for developers. Given the regulatory rigour of the life science domains in which Vitrana operates, this progression is particularly essential. Here, the highest standards of software quality need to be maintained with nominal compliance issues or security vulnerabilities.
Due to the complexity of manually conducting due diligence on the open-source components in their portfolio, such as identifying security susceptibilities, license compliance issues, and out-of-date versions, Vitrana realised the importance of incorporating an automated software composition analysis solution within their software development lifecycle (SDLC) process. This led them to the adoption of CAST.
CAST Highlight has provided substantial actionable portfolio insights, enabling swift and rigorous open-source component management. Reports are now produced and circulated to all application owners on a weekly basis, while problems are rectified as part of code merge requests in tandem with the development phase itself. The SDLC process automatically ensures compliance, as CAST reports are sanctioned before signing off the build for quality assurance.
According to Vitrana's Chief Technology Officer, Jagadish Ramaiah, the successful implementation of CAST Highlight as the control tower of their portfolio has "significantly enhanced our ability to detect and mitigate security vulnerabilities in real-time, reaffirming our commitment to delivering secure and compliant solutions to clients." This proactive approach is consistent with industry standards, allows Vitrana to address potential threats rapidly, inspires confidence in their clients, and brings greater peace of mind to their customers.