Partnership Focused on Meeting Software Bill of Materials Regulatory Requirements; Remediating Risk Through SBOM Transparency
Fortress Information Security (Fortress) and NetRise today partnered to offer a new, innovative Software Bill of Materials (SBOM) transparency solution to secure software supply chains and meet evolving regulatory requirements for software transparency.
Fortress’ cybersecurity experts partner with public sector organizations and critical infrastructure stakeholders to fortify every link in the software supply chain. NetRise and Fortress provide a comprehensive view of software components for products that manage critical infrastructure facilities. The SBOM data from NetRise combined with Fortress’ analysis and data will be available to users of the North American Energy Software Assurance Database (NAESAD) via the Fortress Platform.
The need for SBOM transparency is fundamental and critical. New research from Fortress found that software vulnerabilities can “lie in wait” for up to three years before being detected and that 90% of products used by U.S. electric companies contained software code that was developed in Russia or China, which is three times more likely to have cyber vulnerabilities.
“Our two companies provide organizations drowning in data with the insight they need to mitigate their most critical vulnerabilities,” said Fortress CEO and co-founder Alex Santos. “With our combined tools and expertise, organizations can build SBOMs that position organizations to identify and mitigate threats proactively and respond quickly and resiliently to attacks.”
NetRise specializes in firmware examination and binary analysis. Firmware can be like a black box, but NetRise is unique in its ability to give users an inside view of products that are hard to examine. Fortress provides comprehensive Operational Technology (OT) supply chain cyber risk management software that secures companies’ critical data. The combination of NetRise’s firmware capabilities, Fortress’ Platform, and the ability to analyze applications, libraries, and operating systems puts Fortress at the leading edge of SBOMs for firmware, and NAESAD users will get a comprehensive view of the risk resulting from their software products.
“Working with Fortress, we offer users best-in-class SBOMs that provide a complete picture of the software that so many companies rely on,” said NetRise CEO and co-founder Thomas Pace. “We’ve joined forces to give customers insight into all the vulnerabilities in their software security supply chains. And, most importantly, a means of fixing those issues.”
Leaders from the two companies will discuss this new partnership during a webinar this Thursday, September 21, at 12 noon ET.
North American Energy Software Assurance Database (NAESAD): An industry-wide collaborative database to create and share Software Bills of Materials (SBOMs) in products used by utilities across North America. NAESAD is led by several investor-owned utilities (including AEP, Southern, Xcel and NiSource) and managed by Fortress Information Security to create a comprehensive SBOM library for common vendors and suppliers.