Framework Driven
Developer Workflows

Just Bring Your Code

Secure Software Factory

What is a factory?

The factory houses the components, toolchain and infrastructure needed to support your development efforts. The secure software factory facilitates DevSecOps initiatives by providing the tools needed for your CICD pipelines to consume in order to deliver secure software consistently without having to think about it.

With TruStacks, the factory is fully maintained and integrated. Many of the Day-1 configuration tasks have been fully automated into Day-0. We can stand up a full factory in your cloud end-to-end in about 30 minutes.

TruStacks Factory.png
Factory Origins
secure_software_factory.png

Where did it come from?

The idea of the Secure Software Factory originated around 2018. A few partners came together realizing that modern software delivery is complex and can be overwhelming. I need a CICD tool, BOM, SAST, DAST, Kubernetes and more. The Secure Software Factory was able to bring vendor options to each step in the software delivery process. 

We at TruStacks took it beyond the original idea of bringing the right vendor to the problem and we asked ourselves, how can we create a solution the world can consume out of the box on day-1?

DEPLOYED IN 30 MINUTES

Factory deployed in your cloud

Pipelines have stages, and those stages need tools. Maintaining these tools for creating modern software can be an exhaustive task.​ We believe that tools are a means to an end and development teams should be focused on outcomes, not the tool that got them there.

Today, TruStacks has fully integrated ArgoCD, ArgoWorkflows, SonarQube, ShiftLeft, OpenScap to name a few into the factory and are readily available to the CI tool that needs it. TruStacks fully manages these components for you so you don't have to.

Factory-amico.PNG
Guardrails-and-security-298x300.png
Shift Security Left

Security Guardrails

Pipeline stages like load testing, container scanning and secrets management are often an afterthought or pushed off to a later date.

By using TruStacks we put your developers on guardrails guiding them through best-practices while at the same time, not hindering creativity or productivity.

DON'T RE-INVENT THE WHEEL

Reduce Complexity

With innovation comes complexity. As DevOps teams grow so too do their requirement for processes, compliance and procedures which usually result in more tools that need to be maintained.

 

With TruStacks, we leverage the power of the components and tools you already use in the Secure Software Factory by directly integrating their functionality into the pipelines powered by CICD abstraction tools like Ploigos and dagger.io.

Code review-amico.png

Posts

 

Technologies you already trust, fully integrated

red_hat.png
ShiftLeft_PrimaryLogo_RGB_TwoColor.png
Sonarqube.png
dagger.PNG
Google_Cloud_Platform-Logo.wine.png
Microsoft_Azure-Logo.wine.png
GitLab_logo.svg.png
 
 
SUBSCRIBE