Escrow London

Open Source Code Audits / Bill of Materials Audit

Escrow London performs audits of software code bases to detect and identify the existence of open-source code. A detailed report is created identifying open-source code and their corresponding licenses.

A Software Bill of Materials Audit provides an inventory of components that make up a piece of software.

Features

• Ensure open source code licensing compliance
• Identify vulnerabilities in open source code within your software
• Understand what code is embedded in your software
• Software Bill of Materials (SBOM) audit
• Understand what components are included within your software
• Ensure your company adheres to regulatory compliance
• Supporting due diligence for software acquisition
• ISO 5230 OpenChain Implementation

Benefits

• Reduces business software licensing risks
• Reduces IT security risks
• Increase compliance of software licensing
• Reduces Supply Chain Risks
• Increases Consumer Confidence

£2,950.00 to £16,950.00 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at evan@escrowlondon.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

709773203223123

Contact

Evan Lever
020 3862 0380
evan@escrowlondon.com

Planning

• Planning service: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Buyers need to understand what potentially problematic third-party code may be embedded within their software if hosted in the cloud. ; A cloud-hosted application may contain open source code with vulnerabilities that could be exploited by hackers.; ; A comprehensive Software Bill of Materials (SBOM) is an extremely important process for any software development organisation. An SBOM can be used to modify open source policies and quickly react to published vulnerabilities. A SBOM lets you know exactly what’s in your code at any point in time. Escrow London can assist your organisation in producing and maintaining your SBOM.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: No

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: No

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 4 Hours during business hours 8 Hours during weekends/holidays
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Every client is allocated a technical account manager. We do not charge additional fees for basic support.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS
• ISO/IEC 27001 accreditation date: 24/09/2021
• What the ISO/IEC 27001 doesn’t cover: No exclusions
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Self certification SAQ-A EP
• PCI DSS accreditation date: 01/09/2021
• What the PCI DSS doesn’t cover: No exclusions
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Social Value

• Fighting climate change:

  Fighting climate change

  As a responsible company, Escrow London is fully committed to its responsibility in fighting climate change. We are absolutely dedicated to reducing our environmental impact and aim to support carbon-neutral suppliers wherever possible.
• Covid-19 recovery:

  Covid-19 recovery

  Covid-19 was particularly hard on the younger generation entering the workforce. We are committed as a business to providing new opportunities to graduates and other young professionals looking for a start in their careers.
• Equal opportunity:

  Equal opportunity

  Escrow London is committed to promoting and achieving equality of opportunity for all employees, directors, consultants and job applicants. Escrow London strives to create a workplace environment in which all employees are able to achieve their best free from discrimination or harassment. Escrow London does not discriminate against employees or job applicants on the basis of their gender, sexual orientation, marital or civil partner status, pregnancy or maternity, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.

Pricing

• Price: £2,950.00 to £16,950.00 a unit
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at evan@escrowlondon.com. Tell them what format you need. It will help if you say what assistive technology you use.