PRESS RELEASE
Orlando, FL, December 11, 2023 – Fortress Data Safety (Fortress) and CodeSecure as we speak introduced a partnership to supply new capabilities to map open-source software program elements and discover and perceive high quality and safety defects in third social gathering or industrial software program. CodeSecure, a number one supplier of utility safety testing merchandise, permits Fortress to increase its Software program Invoice of Supplies (SBOM) safety and remediation capabilities.
Fortress cybersecurity consultants’ associate with public sector organizations and significant infrastructure stakeholders to fortify each hyperlink within the software program provide chain. CodeSecure helps to establish open-source elements and shared dependencies in software program, containers, and cell/desktop purposes. As well as, CodeSecure conducts binary code evaluation to detect safety vulnerabilities in externally developed software program elements with out entry to supply code.
“SBOMs are a important instrument for bolstering our nationwide safety and defending important infrastructure and protection property from nation-state assaults,” stated Alex Santos, CEO of Fortress. “CodeSecure permits us to construct extra safety and remediation capabilities that assist our prospects maximize all of the potential of their SBOM deployments.”
The necessity for SBOM transparency is prime and significant. New analysis from Fortress discovered that software program vulnerabilities can “lie in wait” for as much as three years earlier than being detected, and 90% of merchandise utilized by U.S. electrical utilities contained software program code developed in Russia or China, which was 3 times extra prone to have important severity vulnerabilities.
CodeSecure will assist Fortress proceed to increase its SBOM database and supply related threat knowledge to important industries by way of the North American Vitality Software program Assurance Database (NAESAD).
“Open-source software program is an assault floor usually exploited by cyber attackers,” stated Andrew Meyer, Chief Advertising and marketing Officer of CodeSecure. “The partnership with Fortress will allow our prospects to not solely catalog all their software program elements but in addition detect and remediate vulnerabilities earlier than they are often exploited.”
The businesses will focus on software program provide chain safety challenges and options throughout a webinar on January tenth at 11am ET!
About CodeSecure
Utilized by the world’s most security-conscious organizations to detect, measure, analyze and resolve vulnerabilities for software program they develop or use. CodeSecure merchandise allow fast DevSecOps deployments whereas additionally securing their software program provide chains. CodeSecure has company headquarters in Bethesda MD and publishes TalkSecure, an academic useful resource for product software program builders. Go to us at http://www.codesecure.com and observe us on LinkedIn and X.
About Fortress Data Safety
Fortress secures North America’s energy and protection provide chains from cyberattacks on operational and significant enterprise applied sciences. Fortress’ proprietary know-how platform orchestrates North America’s most superior cyber provide chain threat administration and vulnerability administration applications. Fortress operates the Asset to Vendor community, which supplies important operators confidence that the services and products they get hold of from others are cyber-safe. Fortress is a Goldman Sachs Portfolio Firm.
About NAESAD
North American Vitality Software program Assurance Database (NAESAD): An industry-wide collaborative database to create and share Software program Payments of Supplies (SBOM) in merchandise utilized by utilities throughout North America. NAESAD is led by a number of investor-owned utilities (together with AEP, Southern, Xcel, and NiSource) and managed by Fortress Data Safety to create a complete SBOM library for widespread distributors and suppliers.
