MetaDefender Software Supply Chain continues to advance secure development practices with version 3.3.0, introducing secure cross-domain transfer capabilities, expanding repository integrations, and increasing visibility across the software supply chain.
This release is designed to support organizations operating in high-security, regulated, and air-gapped environments, while also improving transparency, compliance, and long-term risk tracking across modern DevSecOps pipelines.
Mới trong bản phát hành này
Cross Domain Transfer (Data Diodes)
Enable secure, one-way transfer of software packages and artifacts across isolated environments using data diode technology.
Nexus Integration
Scan Sonatype Nexus repositories to detect vulnerabilities, malware, and exposed secrets earlier in development.
Gitea Integration
Extend source code scanning coverage to Gitea repositories across distributed development environments.
New SBOM Fields
Enhance SBOM reports with additional metadata for improved compliance and deeper component visibility.
Dashboard Trends
Track security insights over time with new trend visualizations for vulnerabilities, malware, and policy violations.
Offline License Activation
Support license activation in air-gapped deployments without requiring external connectivity.
Secure Cross Domain Transfer: Protecting Software Movement Across Environments
Organizations in government, defense, and critical infrastructure often operate across segmented or fully isolated networks, where securely transferring software artifacts is both essential and highly controlled.
MetaDefender Software Supply Chain 3.3.0 introduces native Cross Domain Transfer capabilities powered by data diode technology, enabling safe, automated movement of code and artifacts from lower-security to higher-security environments via one-way data transfer.
Khả năng chính
- Enforce one-way, hardware-enforced transfer across environments
- Automatically scan and validate repositories before transfer
- Apply security and compliance policies prior to movement
- Maintain visibility and auditability of transferred artifacts
See It in Action: Live Demo from the OPSWAT CIP Lab
This capability can be seen in action in a live demo filmed at the OPSWAT CIP Lab in Timișoara, Romania.
The demo showcases how MetaDefender Software Supply Chain works together with MetaDefender Optical Diode™ to enable secure Git-to-Git replication across isolated environments, highlighting a complete workflow from scanning to controlled transfer.
Broader Repository Coverage: Scan More of Your Development Ecosystem
Nexus Integration
With the addition of Nexus integration, organizations can now extend scanning to artifact repositories, strengthening security earlier in the software lifecycle.
By integrating with Nexus, teams can:
- Scan stored artifacts for vulnerabilities, malware, and secrets
- Prevent compromised components from being reused
- Strengthen control over internal package management systems
Gitea Integration
MetaDefender Software Supply Chain now supports Gitea, expanding coverage for teams using lightweight, self-hosted Git solutions.
This enables organizations to:
- Secure decentralized or on-prem development environments
- Detect risks earlier in source code repositories
- Maintain consistent security policies across all Git platforms
Enhanced SBOM Capabilities: Improved Compliance and Transparency
As regulatory requirements continue to evolve, organizations need deeper insight into their software composition.
Version 3.3.0 introduces additional SBOM fields that enhance reporting detail and improve alignment with compliance frameworks.
Lợi ích chính
- More granular component visibility
- Improved audit readiness and reporting accuracy
- Better support for regulatory and internal compliance requirements
Actionable Insights Over Time: Security Trend Dashboards
Security is not just about point-in-time detection, it’s about understanding how risk evolves.
The new dashboard trends feature provides visibility into how vulnerabilities, malware detections, and policy violations change over time.
Built for Air-Gapped Environments: Offline License Activation
Organizations operating in restricted environments often face challenges with licensing and activation. With offline license activation, fully disconnected deployments are now supported with an available activation process. This capability enables seamless deployment in air-gapped environments, eliminates the need for external connectivity during activation, and simplifies operations for high-security organizations.
A Stronger Platform for Secure Software Supply Chains
With version 3.3.0, OPSWAT continues to strengthen MetaDefender Software Supply Chain by enabling secure software movement, expanding ecosystem integrations, and delivering deeper visibility into risk and compliance.
These new capabilities are designed to help organizations protect every stage of the software lifecycle, even in the most complex and security-sensitive environments.
To learn more about how these updates can support your workflows, talk to our experts.
