Security of Open Source Software (OSS) is paramount in the minds of Enterprises using OSS projects in production environments.  Many OSS projects ensure that the software is patched quickly to mitigate any identified critical vulnerabilities. The exact vulnerabilities and timeline to fix them may not align with the Enterprise using these projects. Typically, vendors providing commercial support are an option to ensure the production implementation is secure and compliant.

Spinnaker ( is a multi-cloud continuous delivery platform that was originally open-sourced by Netflix but has since been maintained by a large community.

OpsMx, a leading provider of intelligent continuous delivery platforms, offers the most secure and hardened Spinnaker distribution for Enterprises interested in using OSS Spinnaker.  In addition, the OpsMx Intelligent Software Delivery (ISD) platform packages Spinnaker inside and offers additional benefits beyond the capabilities of OSS Spinnaker.

Benefits of the OpsMx ISD Spinnaker Distribution for Enterprises include:

  • No Forking or Lock-in: Built on upstream Open Source Spinnaker with additional patches for severe security vulnerabilities with no forking or lock-in.  All patches are upstreamed to be available in future community OSS releases.
  • Hardened UBI8-Based Images: The OpsMx ISD Spinnaker distribution is provided in industry-standard, most secure RedHat UBI8-based images.
  • FIPS-140-2 Validated: OpsMx ISD Spinnaker images are validated for FIPS-140-2 (Federal Information Processing Standards) compliance.
  • Predictable Patched Version Availability: OpsMx will ensure predictable availability of patched versions based on the below schedule for ISD Spinnaker.
Rating CVSS Score OpsMx Patched Version Availability 
Critical 9.0-10.0 <1 week
High 7.0-8.9 <30 days
Medium 4.0-6.9 As required <90 days
Low 0.1-3.9 As required
None 0.0 As required



Tags :

Balaji Sivasubramanian

Balaji Sivasubramanian is the Vice President of Product at OpsMx. He is passionate about creating and evangelizing winning products with expertise in all aspects of the business – strategy, product management, product marketing, GTM, and business development in early-stage startups and innovative companies. He is a Subject Matter Expert in CI/CD, DevOps, Applications, Containers/Microservices, Data Center IT / Cloud Infrastructure - Network, Compute, and Storage, IT Security, Machine Learning and AI, Enterprise, SaaS, and Cloud. He is an ambassador for the Continuous Delivery Foundation (CDF).


Submit a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.