SAN FRANCISCO--(BUSINESS WIRE)--RapidFort, a leading innovator in cybersecurity, unveiled its Software Bill of Materials (SBOM) Warehouse feature, taking a major leap forward in Software Attack Surface Management (SASM). This innovative platform capability provides a centralized location for SBOMs for all of an organization’s containers, aligning with the National Institute of Standards and Technology’s (NIST) recommendation. The centralized view, coupled with additional benefits like enhanced risk visibility, ingestion and reporting capabilities, allows security teams to swiftly and effectively address critical vulnerabilities in any package and its dependencies, significantly enhancing organizations' cybersecurity posture. This new functionality is part of the process RapidFort uses to automatically eliminate more than 80% of software vulnerabilities, during development, with no code changes.
The Presidential Executive Order's new requirement for cyber devices to provide an SBOM for all software components and a proposal for federal contractors to develop and maintain an SBOM for any software are just two examples of recent compliance requirements making SBOMs among the most critical priorities for government agencies and commercial organizations. RapidFort’s SBOM Warehouse feature is helping to address this new priority by continuously monitoring for risks, updating risk profiles with new security advisories, and reducing the repetitive task of regenerating SBOMs for the same containers on a regular cadence, saving customers time and money.
"The landscape of vulnerabilities within SBOMs is dynamic, changing almost daily. To maintain an accurate risk profile, organizations would traditionally need to generate SBOMs manually every day, a time-consuming and costly process," explained Mehran Farimani, CEO and Co-Founder of RapidFort. "We are thrilled to be one of the only vendors offering a solution that is helping organizations address this growing priority by simplifying and automating the process, saving them valuable time and resources."
RapidFort’s SBOM Warehouse is incorporated within RapidFort's platform and scanning suite, making it simple for organizations to leverage the profiling and hardening feature to remediate risks quickly and automatically. Uniquely, the SBOM Warehouse enables the ingestion of SBOMs generated by scanners, including those not supported by RapidFort's platform. It then converts them to industry-standard formats such as SPDX and CycloneDX. With the SBOM Warehouse's container comparison feature, RapidFort can identify any new components or deficiencies found within containers and associated vulnerabilities. This results in organizations having the most accurate view of their SBOMs, specifically the components used in their containers and the actionable risk metrics based on current information.
RapidFort's SBOM Warehouse is just one of the many capabilities that make up its SASM platform, the first of its kind. This platform is designed to identify and remove unused components without altering the software's behavior, resulting in smaller, more performant and secure software. Its flagship runtime toolset, RapidFort Runtime, takes an active role in scanning, profiling, monitoring, and securing containers in production environments, pinpointing the vulnerabilities within applications' execution paths. This comprehensive approach enables teams to protect their infrastructure by automatically removing unused components and unnecessary vulnerabilities, and reducing software attack surfaces by an impressive 60-90%.
Large portions of the SBOM Warehouse were developed in partnership with and financed by SpaceWERX. SpaceWERX is the innovation arm of the United States Space Force and blends the best of commercial innovation with the needs of United States Space Guardians. The enterprise version is available on RapidFort’s website, while the Department of Defense version is available for download at USAF PlatformOne Ironbank.
To learn more about RapidFort and the SBOM Warehouse capability, please visit https://www.rapidfort.com/
About RapidFort
RapidFort offers a cybersecurity platform that streamlines and secures modern infrastructure. Their innovative approach allows organizations to continuously monitor and minimize their software attack surface, ultimately improving their security posture and operational efficiency. RapidFort empowers development and security teams with a free tier and free community images, making it easy to get started with secure cloud development. Learn more about RapidFort at https://www.rapidfort.com/.