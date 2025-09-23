The challenge: Addressing security across the software development life cycle

“Security is the cornerstone of ZPE’s infrastructure management solutions,” said Koroush Saraf, vice president of product management and marketing at ZPE Systems. “Our automation platform touches every aspect of our customers critical infrastructure, from networking and firewall gear to servers, smart PDUs, and everything else in their production network. The ZPE portfolio is architected with the strongest security and implemented with the same level of scrutiny.”

Given the critical nature of enterprise networking, security is paramount to ZPE customers.

“The average time taken to apply patches and fix vulnerabilities can be more than 205 days,” said Saraf. “This is due to many reasons: limited resources and time, concerns that something may break, or in some cases, admins don’t even know that a critical patch is available. That’s why ZPE takes on the responsibility for customers. They’re assured that the systems running their infrastructure are running the latest, most secure software. And if a patch fails, our built-in undo button reverts to a safe configuration before any damage can be done.”

Saraf added, “Like with all modern organizations, ZPE uses a complex mix of proprietary, open source, and third-party software obtained through a variety of sources from the software supply chain. Think third-party libraries, packaged software from ISVs, IoT and embedded firmware, and especially open source components. In fact, studies show that over three-quarters of the code in any given application is likely to be open source.”

“Most third parties won’t provide the source code behind their software,” noted Saraf. “But the question remains whether that supplier is as security-conscious as ZPE. Again, we found the solution with Black Duck®, which gives us insight into any third-party software we include without requiring access to the source code.”