Orlando, FL, December 11, 2023 – Fortress Data Safety (Fortress) and CodeSecure today announced a partnership to provide new capabilities to map open-source software components and find and understand quality and security defects in third-party or commercial software. CodeSecure, a leading provider of software security testing products, enables Fortress to expand its Software Bill of Materials (SBOM) security and remediation capabilities.
Fortress cybersecurity specialists partner with public sector organizations and critical infrastructure stakeholders to fortify every link in the software supply chain. CodeSecure helps to identify open-source components and shared dependencies in software, containers, and mobile/desktop applications. In addition, CodeSecure conducts binary code analysis to detect security vulnerabilities in externally developed software components without access to source code.
“SBOMs are a vital tool for bolstering our national security and defending vital infrastructure and defense assets from nation-state attacks,” said Alex Santos, CEO of Fortress. “CodeSecure enables us to build additional security and remediation capabilities that help our clients maximize all of the potential of their SBOM deployments.”
The need for SBOM transparency is fundamental and important. New research from Fortress found that software vulnerabilities can “lie in wait” for as much as three years before being detected, and 90% of products used by U.S. electrical utilities contained software code developed in Russia or China, which was three times more likely to have critical severity vulnerabilities.
CodeSecure will help Fortress continue to expand its SBOM database and provide relevant risk data to vital industries via the North American Energy Software Assurance Database (NAESAD).
“Open-source software is an attack surface typically exploited by cyber attackers,” said Andrew Meyer, Chief Marketing Officer of CodeSecure. “The partnership with Fortress will enable our clients to not only catalog all their software components but also detect and remediate vulnerabilities before they can be exploited.”
The companies will discuss software supply chain security challenges and solutions during a webinar on January 10th at 11am ET!
Used by the world’s most security-conscious organizations to detect, measure, analyze and resolve vulnerabilities for software they develop or use. CodeSecure products enable fast DevSecOps deployments while also securing their software supply chains. CodeSecure has corporate headquarters in Bethesda MD and publishes TalkSecure, an educational resource for product software developers. Visit us at http://www.codesecure.com and follow us on LinkedIn and X.
About Fortress Data Safety
Fortress secures North America’s energy and defense supply chains from cyberattacks on operational and important business technologies. Fortress’ proprietary technology platform orchestrates North America’s most advanced cyber supply chain risk management and vulnerability management programs. Fortress operates the Asset to Vendor network, which gives vital operators confidence that the products and services they obtain from others are cyber-safe. Fortress is a Goldman Sachs Portfolio Company.
North American Energy Software Assurance Database (NAESAD): An industry-wide collaborative database to create and share Software Bills of Materials (SBOM) in products used by utilities across North America. NAESAD is led by several investor-owned utilities (including AEP, Southern, Xcel, and NiSource) and managed by Fortress Data Safety to create a comprehensive SBOM library for common vendors and suppliers.