"NetRise has given us unprecedented visibility into software security risks," said Jim Mahony, CISO of Robert Morris University. "As a CISO in higher education with limited resources, NetRise's platform allows us to identify and mitigate risks that other organizations don't even know exist. It's eye-opening to see the stark difference between publicly reported vulnerabilities and what NetRise actually uncovers in software. This tool is driving the future of software development practices and security."
Software is the backbone of every modern organization. However, open-source and proprietary software supply chain complexity often leaves organizations unknowingly vulnerable. According to Sonatype's ninth annual State of the Software Supply Chain report, the software supply chain is so complex that only 7% of organizations have even attempted to review their software supply chain risks. Capterra's 2023 Software Supply Chain Survey reports that 61% of U.S. businesses were directly impacted by a software supply chain attack in the 12 months ending in April 2023.
With the same cutting-edge technology that provides visibility into XIoT devices, the NetRise Platform now offers a single pane of glass for viewing and managing software supply chain detection and response efforts, regardless of how software is packaged, shipped, or deployed. Key new capabilities include:
- Machine Learning-Based Software Composition Analysis: Identifies software components using proprietary algorithms without depending on traditional package manifests and string matching techniques.
- Enhanced Software Extraction and Decomposition: Unpacks and analyzes components in Windows applications, container images, and other formats.
- Component Knowledge Retrieval: Retrieves detailed component and dependency information using a simple file hash.
- Intelligent Dependency Mapping: Generates comprehensive dependency graphs without direct evidence of dependencies in the software asset.
"Controlling the software supply chain is one of the most basic risk management initiatives an organization can undertake," said Thomas Pace, Co-founder and CEO of NetRise. "Center for Internet Security lists 'Inventory and Control of Software Assets' as Critical Security Control number 2 for a reason. The NetRise Platform enables developers to ship more secure software and empowers enterprises to rely on their software supply chains confidently. Our supply chain detection and response approach ensures unparalleled visibility and risk analysis across all software assets."
Resources
About NetRise
Based in Austin, Texas, NetRise was built by defensive cyber experts bred across the private sector, intelligence community, and U.S. federal government to solve the software supply chain security problem. The company is partnering with companies across manufacturing, automotive, medical devices, industrial control systems, satellites, and many more. https://www.netrise.io/
Media Contact:
Michelle Yusupov
Hi-Touch PR
443-857-9468
[email protected]
SOURCE NetRise
Share this article