PRODUCT SECURITY
Hardware Bill of Materials (HBOM)
HBOM Native visualizations provide composition analysis map to visualize supply chain risks & dependencies
Gain transparency into your supply chain by fully deconstructing
and analyzing technology components.
The Fortress Product Provenance Report was created to evaluate and illuminate the hardware and software components of specific equipment. The assessment provides visibility on potential risks related to granular product components based on obsolescence, vulnerability, non-conformance, counterfeit, and issues related to foreign adversarial influence.
-
Evaluate security protocols and processes to ensure consistency with industry best practices.
-
Measure a supplier's end-to-end processes, including physical, logical, and administrative practices, intellectual property protection, background investigations, cloud security, manufacturing processes, and more.
-
Examine products and components to ensure no malicious capabilities or counterfeit hardware have been introduced.
-
Assess regularly to ensure integrity of software and systems remains inviolate and no new malicious activity or unplanned functionality has been introduced.

A composition analysis map provides visualization of supply chain risks & dependencies.
The Fortress product analyst team performs illumination using complete hardware teardown, open-source intelligence (OSINT) gathering, and Fortress proprietary tools to deconstruct software/firmware images. The process ultimately identifies potential security risks that may arise through the procurement of the device.
The team also analyzes fourth party manufacturers for foreign ownership, control, or influence (FOCI) violations and concerns. A provenance risk assessment summary outlines quantifiable findings which create the overall product security risk and foreign adversarial influence risk for the product.
We serve as a central repository for accessing and maintaining accurate data.
Leverage Fortress's central data repository with real-time data on supplier certifications, assessments, product bill of materials, cyber hygiene, breach alerts, M&A alerts, potential compliance alerts, and validated product and vendor risk assessments.