Rezilion Recognized as SBOM Tool Provider in Gartner Emerging Technologies Trend Report on Software Bill of Materials (SBOM)
BE'ER SHEVA, Israel, Sept. 9, 2022 /PRNewswire/ -- Rezilion, an automated software vulnerability management platform, announced today that it has been named a vendor providing innovative tools for SBOM management in Gartner's new report, titled Emerging Tech: A Software Bill of Materials Is Critical to Software Supply Chain Management.
The report highlights the growing importance of SBOMs in managing software supply chain risk at a time when the software industry increases its reliance on third-party and/or open-source code. Unlike internally-developed components, which adhere to rigorous security and quality guidelines, open-source software (OSS) can come from many sources and is far more prone to risk. These security and compliance risks are exacerbated by a lack of visibility and understanding of open-source dependencies within the software supply chain. SBOMs answer that challenge by providing a much-needed view into an organization's inventory of software, as well as the dependencies, licenses, compliance posture and provenance information.
The software supply chain has become a target and is under constant attack, with high-profile breaches, such as the ones impacting SolarWinds and Kaseya. An SBOM is critical because it offers visibility, and also allows users to monitor vulnerabilities in parallel with whatever vulnerability management is conducted by the supplier. But having visibility isn't enough - organizations also need to be able to identify new software vulnerabilities. To meet this need, the report recommends that static SBOMs evolve to include dynamic and real-time capabilities. Furthermore, the report highlights the need to go beyond identification of software vulnerabilities and leverage SBOMs to drive efficient remediation.
Using the Rezilion platform, customers can identify, prioritize, and remediate software vulnerabilities using a first-of-its-kind Dynamic SBOM. Unlike static SBOMs, which traditionally provide visibility into a single software environment at a specific point in time, Rezilion's Dynamic SBOM seamlessly plugs into all software environments, from development to production, and provides real-time visibility to all software components. Rezilion's Dynamic SBOM then does more than just uncover what software components are there: it reveals if and how they're being executed in runtime, providing organizations with an unparalleled solution to understand where bugs exist – but also whether or not they could be exploited by attackers.
Through Rezilion's Dynamic SBOM, customers benefit from:
- Dynamic Inventory - Continuous tracking and management of the software environment as changes are being introduced.
- Full Stack, Full Cycle Coverage - See all software components across dev and prod, on-prem and cloud, hosts, containers, and IoT devices.
- Vulnerability Scanning - Identify known vulnerabilities associated with the software components in your SBOM.
- Vulnerability Prioritization Using Dynamic Context - Know down to the function level what every component is doing in runtime. Distinguish vulnerable components that are executed and loaded into memory from the vast majority that are unloaded and therefore not exploitable.
- Dynamic Identification - Instantly search and pinpoint vulnerable components across millions of files and on thousands of hosts, containers, and applications.
- VEX (Vulnerability Exploitability Exchange) available as an exportable file, to communicate vulnerabilities and their impact with customers and regulators.
- Exportable Formats - Share the dynamic SBOM as a machine-readable CycloneDX artifact.
"Gartner's analysis and outlook on SBOMs arrives at a critical time," said Liran Tancman, Co-Founder and CEO of Rezilion. "As more organizations embrace SBOMs as a vital component of their software security tooling, we're thrilled to be among the named providers. Our Dynamic SBOM gives organizations the ability to know how their dependencies are being exploited, which solidifies how well-aligned our current capabilities are with the evolution of SBOMs in the future."
Rezilion was named a vendor in the Software Bill of Materials (SBOM) category in the Gartner Hype Cycle for Open Source Software, 2022, and the SBOM and ASOC categories in the Gartner Hype Cycle for Application Security, 2022, in July of this year.
Rezilion's Dynamic SBOM is available now across CI and on-prem and cloud environments. A basic, free-of-charge version is available for use in CI through Rezilion's website. Get started today at www.rezilion.com/get-started.
About Rezilion:
Rezilion's platform automatically secures the software you deliver to customers. Rezilion's continuous runtime analysis detects vulnerable software components on any layer of the software stack and determines their exploitability, filtering out up to 95% of identified vulnerabilities. Rezilion then automatically mitigates exploitable vulnerabilities across the SDLC, reducing vulnerability backlogs and remediation timelines from months to hours, while giving DevOps teams time back to build.
Learn more about Rezilion's software attack surface management platform at www.rezilion.com and get a 30-day free trial.
Disclaimer: GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Media Contact:
Danielle Ostrovsky
Hi-Touch PR
410-302-9459
[email protected]
SOURCE Rezilion