IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

SolarWinds details 'next generation' software development process

The open source approach, which will be shared with the wider community, is a direct response to the SUNBURST cyber attack in 2020

IT management software provider SolarWinds has announced details of its new Next-Generation Build System, which it says offers a transformational model for software development.

Related Resource

Securing endpoints amid new threats

Ensuring employees have the flexibility and security to work remotely

Whitepaper cover with image of female employee working at home on laptopFree Download

The refreshed software build process forms a key component of the company’s Secure by Design framework, which aims to make SolarWinds a model for enterprise software security.

The firm has introduced a host of improvements, culminating in a new system that includes both software development practices and technology designed to strengthen the integrity of the build environment.

This includes a first-of-its-kind “parallel build” process, where the development of SolarWinds software takes place through multiple highly secure paths to establish a basis for integrity checks.

SUNBURST response

These improvements to SolarWind’s software development and build process have been made over the last year as a response to the highly sophisticated SUNBURST cyber attack, which targeted the provider and a host of other technology companies back in December 2020.

To better combat these threats in the future, the company says it has tied its Next-Generation Build System to the “four key tenets” of its Secure by Design principles.

The first - ‘dynamic operations’ - involves building only short-term software build environments that self-destruct after completing a specific task. ‘Systematic build products’ will also be made deterministically so any newly created by-products will always have identical and secure components.

It will also adhere to a ‘simultaneous build process’, which involves creating software development by-products - such as data models - in parallel to establish a basis for detecting unexpected modifications to the products.

Additionally, ‘detailed records’ will track every software build step for complete traceability and permanent proof of record, SolarWinds explained.

A new industry standard

At the time of the SUNBURST attack, the software build process used by SolarWinds was commonplace throughout the technology industry. Because of this, the provider has also announced it is releasing components of its new build system as open source software.

SolarWinds says the aim is to help other organisations benefit from what it has learned over the last couple of years and to help establish a “new industry standard” for secure software development.

“Communicating transparently and collaborating within the industry is the only way to effectively protect our shared cyber infrastructure from evolving threats,” explained Sudhakar Ramakrishna, president and CEO of SolarWinds.

“Our Secure by Design initiative is intended to set a new standard in software supply chain security via innovations in build systems and build processes. We believe our customers, peers, and the broader industry can also benefit from our practices.”

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021

Most Popular

Salaries for the least popular programming languages surge as much as 44%
Development

Salaries for the least popular programming languages surge as much as 44%

23 Jun 2022
The top programming languages you need to learn for 2022
Careers & training

The top programming languages you need to learn for 2022

23 Jun 2022
Swift exit: How the world cut off Russian banks
finance

Swift exit: How the world cut off Russian banks

24 Jun 2022