Finite State has released its Next Generation Platform, which includes extended SBOM management and the ability to ingest and aggregate 120+ external data sources. The new platform provides Application and Product Security teams with a unified and prioritized risk view, as well as unprecedented visibility across the software supply chain lifecycle, allowing them to scale operations through continuous, next-generation risk management.
Matt Wyckhouse, CEO, Finite State commented, “There’s been a significant shift in the composition of enterprise software, and the cybersecurity market hasn’t kept pace to align with how software is built.
AppSec and product security teams are looking to automate embedded system assessment and analysis so they can ensure security across any phase of product development, as risks in the software supply chain are increasing rapidly. Our Next Generation Platform is addressing the needs of software producers and consumers to drive down software supply chain risk with the peace of mind they need to ship or deploy connected products securely.”
With the introduction of the Next Gen Platform, Finite State customers will be able to reduce risk continuously and confidently across “any-party” software, firmware, or applications using a single point of view.
The AppSec and Product Security teams will be able to use external tooling and feeds to build the Software Bill of Materials (SBOM), which will list all vulnerabilities on software components and dependencies, already having over 2 billion data points of analysis.
For any organization that needs complete visibility into their software supply chain in order to ship secure products, fulfill vendor and customer requests, and adhere to regulatory requirements, the SBOM has emerged as the output that is most important.
In contrast to source code, binary SCA (software composition analysis) from Finite State breaks down binaries to help enterprise teams with continuous SBOM management capabilities reduce AppSec risk.
Features of Finite State’s Next Gen platform include:
The solution for creating, gathering, visualizing, and distributing SBOMs throughout your supply chain is known as an end-to-end SBOM solution.
Risk management for unified appsec and product security: the ability to integrate all the tooling and intelligence used to secure products or systems, within the full context of the AppSec or Product Security environment, by ingesting data from 120+ scanners and feeds.
Advanced guidance: Remediation advice generated or ingested for context-aware recommendations that aggregates and reconciles results from all scans.
World-class binary SCA: Enhanced SBOM capabilities to dissect a good or asset into its various parts for a risk assessment that is laser focused.
Intuitive scoring system: A strong scoring methodology that conveys the risk levels of a product or asset using a simple numerical scale and risk prioritization.
Full VEX support: With advanced vulnerability intelligence correlation, you can import, and export all VEX formats.