At the {unscripted} conference, Harness announced four new product modules on the Harness platform. Each module is aimed at advancing the state of software delivery and developer experience, and includes Harness Code Repository, Harness Internal Developer Portal, Harness Infrastructure as Code Management, Harness Software Supply Chain Assurance.

Harness Code Repository

Harness Code Repository is a premium module based on open source Gitness and tailored to meet the demands of enterprise teams and organizations. Gitness is a developer-friendly, open source Git platform created to address common obstacles in traditional software development workflows. Harness Code Repository provides additional enhanced features and capabilities for Gitness, including:

• Collaborative code reviews to foster collaboration and knowledge sharing, for higher code quality and fewer errors
• Advanced governance with branch protection to ensure stability by preventing unauthorized or risky changes from being merged into critical branches, reducing the chance of introducing bugs or vulnerabilities
• Policy enforcement powered by OPA to ensure code complies with predefined organizational standards and best practices, reducing manual intervention and human error
• Seamless integrations tailored for the development process on the Harness platform help streamline the development process by connecting code repos with other development and deployment tools to improve efficiency and collaboration, which accelerates  the software delivery pipeline
  

Harness Code Repository will be available in beta next month.

Harness Internal Developer Portal (IDP)

With the rapidly emerging trend of Platform Engineering teams who seek to streamline developer experience for their organizations, developer portals are becoming a "must-have" for large engineering organizations. According to Gartner, "By 2025, 75% of organizations with platform teams will provide self-service developer portals to improve developer experience and accelerate product innovation."

Answering that demand from Harness customers, the Harness Internal Developer Portal (IDP) helps organizations accelerate new service onboarding, simplifying the often complex and time-consuming process of setting up infrastructure, configuring frameworks, establishing CI/CD pipelines, and more. Harness IDP is built on the Backstage.io platform, providing critical governance features out of the box and a simplified management experience.

Harness IDP includes:

• Self-service automation enables developers to create new services quickly, eliminating up to days or weeks of waiting time
• The Software Catalog unifies essential service information, such as builds, deployments, alerts, and health metrics, into a single pane of glass called the Software Catalog
• Discoverability of tools enhances collaboration and communication within organizations by providing easy discoverability of internal services, APIs, and tools, which helps prevent duplication of efforts and enables efficient knowledge sharing
• Scorecards enable platform engineers to gauge service maturity and encourage the adoption of best practices from DevOps, development, and security perspectives-effectively gamifying the quest for excellence in software development
  

The result is that developers spend less time being blocked and more time innovating. Visit harness.io/products/internal-developer-portal to learn more.

Harness Infrastructure as Code Management (IaCM)

Companies are using Infrastructure as Code (IaC) to define infrastructure requirements, configurations, and dependencies, and to manage resources in a more efficient and repeatable way. However, customers are still finding that most IaC solutions are labor intensive, create errors, and come with limited visibility and guardrails. Harness Infrastructure as Code Management (IaCM) addresses these challenges and adds automation and security.

Harness IaCM provides:

• An advanced pipeline for IaC automation, simplifying code management from Pull Request (PR) to provisioning. Streamlining the process speeds up the creation, testing, review, and deployment of infrastructure changes, significantly improving efficiency
• Automatic drift detection and remediation continuously monitors the infrastructure for deviations, ensuring all changes are done in the right process
• OPA-based infrastructure policies to enforce security and compliance standards. These policies, defined as code, are applied automatically during the provisioning process, reducing the risk of misconfigurations and vulnerabilities
• Provides the PR process for reviewing infrastructure changes, making it more efficient and error-resistant by allowing developers to understand the impact of their changes before merging the code
  

Harness IaCM helps organizations achieve the benefits of self-service infrastructure management, mitigate risks associated with manual processes, and optimize operational efficiency, resulting in more secure, compliant, and efficient infrastructure management. Get started with Harness IaCM today at harness.io/products/infrastructure-as-code-management.  

Harness Software Supply Chain Assurance

Modern applications are being built with an exponentially growing number of open source components, each of which introduces new vulnerabilities that can put the application's consumers at risk. For these reasons, the software supply chain has become the focus of cyberattacks that are increasing in both number and sophistication. According to Gartner, "By 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021."

Recent supply chain attacks, such as log4j and SolarWinds, underscore the importance of open source governance and ensuring software artifact integrity in alignment with standards like Supply Chain Levels for Software Artifacts (SLSA). In the United States, Executive Order 14028 mandates SBOMs, provenance verification, policy enforcement, and rapid zero-day vulnerability response to enhance supply chain security.

The Harness Software Supply Chain Assurance (SSCA) module comprehensively addresses these requirements by providing:

• Deep visibility and control over open source software components, allowing organizations to monitor and enforce policies based on component versions, licenses, suppliers, and more
• Streamlines the generation of SBOMs in various formats, enabling secure sharing and storage. Users can sign and validate SBOMs with their private keys
• Enables governance by setting up policies to block harmful or risky components, such as log4j, in an organization's supply chain
• Ensures software integrity by generating and verifying attestations, following SLSA specifications and mandates listed in Executive Order 14028
• Strengthens software development with DevSecOps practices, further letting software producers effectively ship secure software artifacts to their consumers
  

Learn more about Harness SSCA at harness.io/products/software-supply-chain-assurance.

"The four new modules we are launching today represent a significant leap forward on our mission to enhance efficiency, foster collaboration, and fortify security throughout the software delivery lifecycle," said Jyoti Bansal, CEO and cofounder of Harness. "These new innovations are the latest way we are providing developers and organizations with the tools and capabilities to help them achieve their software development goals."

Harness additionally announced two new industry-wide communities:

• FinOps Excellence: A community-driven initiative to bring together leaders working in cloud cost management globally. This initiative provides a forum for leaders working on managing cloud cost initiatives within their organizations to come together and collaborate to discuss challenges and exchange best practices. Controlling cloud costs is a developer-led initiative, and Harness is at a unique position to drive and facilitate conversations where "efficient" software delivery is key. In the last few months, a growing cohort of experts from some of the largest banks, consumer/retail, telecom, IT, and insurance companies have met to further the conversations about cloud cost efficiency. You can learn more or request an invitation at linkedin.com/company/finops-excellence.
  

• Engineering Excellence Collective: An industry-wide consortium of 300 senior engineering leaders working together to solve some of the most pressing challenges in the industry.