Synopsys and ReversingLabs sign agreement to enhance software supply chain risk management


Agreement between Synopsys and ReversingLabs delivers a comprehensive software supply chain risk management solution.
Addressing the supply chain challenge
In recent years, DevOps has changed the way software is released into production. This has created new categories of vulnerabilities and introduced new risks into the software supply chain. What once was rare, such as Stuxnet-type breaches, has become more commonplace in supply chain attacks such as SolarWinds. In many ways, software supply chain security is the “new” DevSecOps, leaving organizations across industries and geographies scrambling to find ways to mitigate risks that they don’t yet fully understand. At the same time, organizations are struggling to comply with calls by regulators demanding greater software transparency in the form of software Bills of Materials (SBOMs) for all software, as well as attestation to evolving standards such as the National Institute of Standards and Technology (NIST) Secure Software Development Framework (SSDF) to show that they are applying best practices for secure software development.
Forging a new way forward
Both software producers and consumers need help addressing the challenge of software supply chain threats and weaknesses that can leave them exposed to attacks. Many are looking to leverage current investments by using the tools and capabilities they already have, such as software composition analysis (SCA), while expanding the overall completeness of their SBOMs to address broader supply chain risks. Organizations are looking for the level of granular insight required to address supply chain threats that go beyond the JSON-formatted SBOM of today.

*** This is a Security Bloggers Network syndicated blog from Application Security Blog authored by Synopsys Editorial Team. Read the original post at: https://www.synopsys.com/blogs/software-security/reversinglabs-synopsys-partnership/
