Yoxos SecureSource

Yoxos SecureSource is a subscription-based service providing secure access to a large repository of Eclipse and other open source plug-ins. All contents of the SecureSource repository are validated using a standards compliant process and signed to guarantee pedigree and authenticity.

Yoxos SecureSource is a great fit for any project requiring full software validation of third-party components. It can also help when Eclipse development and runtime components are needed on disconnected or secure networks where only certified software is permitted.

Yoxos SecureSource is available in three editions to meet the different needs of open source users:

• Certified Edition: Content signed as authentic and accessed via a secure repository
• Trusted Edition: Content analyzed for malicious code. License tracking for plug-ins
• AuditReady Edition: Content analyzed for external reach and malicious behavior. Content prepared using rigorous, documented, regulatory compliant process

The SecureSource library is uniquely flexible.  Deliver our library with the tools you and your team are using - in the environment, framework, you've established.

Find out more about how Yoxos SecureSource can help your organization

Give us a call: 

North America: +1-888-679-8753
Europe: +49 721 6647330

Send us an Email: info@eclipsesource.com

Eclipse. Certified.

Open Source. Closed Loop.

Close the loop between open source and your business. SecureSource components are guaranteed to be sourced directly from the authoring organization. All SecureSource components are signed by EclipseSource to certify authenticity and are downloaded to your environment from secure servers to ensure fidelity.

Certified Software

SecureSource software is certified by the international quality and safety body, TÜV SÜD.  In fact, SecureSource is the first open source repository product to receive certification in functionality and data security.

Timely and Cost Effective

SecureSource delivers fully validated components for much less than the cost of of a typical in-house validation process. SecureSource also keeps you up-to-date with validated versions of new releases as they come out.

Analyzed. Validated.

Trust the components you consume and consume components more easily. All SecureSource bundles reside in fully coherent repositories -- get everything you need from one place. For additional protection, virus and security exploit scanned bundles are available to meet your most stringent compliance needs.

Process Compliant.

Streamline compliance with your organization's procurement and open source consumption and licensing processes. SecureSource components are prepared using a fully documented, auditable and reproducible process.

Standards Compliant. Audit Ready.

The road to audit-ready, standards and regulatory compliance is challenging enough without having to worry about the open source components you use. SecureSource AuditReady bundles arrive fully tested and certified compliant with some of the most stringent industry protocols and regulations. The only components you will need to validate are your own.

Background

Eclipse’s component-based approach where "everything is a plug-in" can substantially increase productivity in software development. Instead of writing everything from scratch, the right tools can be selected from the huge existing ecosystem of Eclipse technology.

Eclipse extensions originate from different sources including eclipse.org, open source developers, commercial vendors, in-house development teams and others. This poses several challenges. The first is sifting through all the available technology to find the right mix. The second is ensuring that the mix is interoperable and will remain that way through new releases, additions and updates. The third, and most critical, is to validate the origin of specific code and to take steps to protect your code base against the introduction of unauthorized code changes, security exploits or viruses.

Yoxos SecureSource leaves developers more time to take care of the actual development by validating and certifying open source and third party components to the specifications you need.   Developers gain access to a secure infrastructure which provides only tested and validated content.