RunSafe Security Launches New Software Supply Chain Security Platform for Comprehensive Risk Identification, Protection, and Monitoring

Posted on December 17, 2024

New platform provides powerful, integrated solution combining SBOM tooling with automated remediation and seamless integrations with commonly used CI/CD tools

MCLEAN, Va. — December 17, 2024 — RunSafe Security, a leader in immunizing software from cyberattacks through a patented, frictionless process, today announced the release of the RunSafe Security Platform that automates risk identification, exploit prevention, and runtime software monitoring. Now, developers can generate a high-fidelity software bill of materials (SBOM) at build time, ensuring the highest level of accuracy in identifying software components and related vulnerabilities. This powerful, comprehensive solution includes the authoritative, build-time C/C++ SBOM generation for embedded systems and enhances a system’s resiliency by automating the remediation of memory safety vulnerabilities in compiled code.

RunSafe Security Platform
RunSafe Security Platform, designed to identify software from memory safety vulnerabilities, prevent exploit weaponization, and provide runtime defenses. The platform emphasizes enhanced resilience and proactive security for embedded systems and critical infrastructure.

“Software is complex, often utilizing third-party components and open-source code, which leads to vulnerabilities that can compromise an entire system,” said Shane Fry, CTO of RunSafe Security. “Today’s organizations are challenged in managing scarce resources due to the constant need for software patching, minimizing operational disruptions, and enhancing security compliance to remain competitive. With our new platform, we are addressing these critical challenges by proactively protecting embedded software to enhance an organization’s security with comprehensive risk identification, protection, and monitoring.”

Software supply chain transparency can reduce risks and build trust. With regulations such as the Cyber Resiliency Act and the FD&C Act, building and including SBOMs is quickly becoming a business must. These requirements are driven by software supply chain security concerns, which underscores the critical need for SBOMs to identify risks and stay ahead of potential threats.

Leading global software organizations, including Lockheed Martin, Vertiv, and Critical Software, already use the RunSafe Security Platform. “RunSafe’s platform is timely given the new EU Cyber Resilience Act’s product liability,” says Critical Software CEO Joao Carreira. “Not only can organizations generate a complete SBOM, they can immediately mitigate vulnerabilities and future-proof against zero days using automated tools freeing developers to focus on new feature development.”

Powered by 400-plus vulnerability data sources, the RunSafe Security Platform delivers comprehensive cybersecurity solutions for embedded systems deployed across critical infrastructure. By generating an SBOM with complete visibility into software components, the platform reveals software dependencies, identifies vulnerabilities and quantifies risks. Organizations are provided with actionable insights to reduce exploit paths and enhance their security posture using automated tools throughout the development lifecycle.

Key capabilities and benefits include:

  • RunSafe Identify generates SBOMs for embedded systems at software build time, identifies software vulnerabilities, and quantifies available risk reduction technologies for those vulnerabilities. By offering insights into software components, vulnerabilities, and effective mitigation strategies, RunSafe empowers organizations to enhance their software’s resilience against evolving cyber threats.
  • RunSafe Protect mitigates cyber exploits by relocating software functions in memory every time the software is run. This results in a unique memory layout to prevent attackers from exploiting memory-based vulnerabilities. This approach maintains system performance and functionality without modifying the original software. RunSafe also offers a repository of pre-hardened open-source packages and containers, providing immediate protection against attacks in open-source software commonly used in proprietary software.
  • RunSafe Monitor provides real-time crash data and heuristics to determine whether a crash was a software bug or the result of a cyber attack. This capability enables precise triage, minimizing time and effort wasted on false positives. RunSafe’s passive monitoring listens for software crashes, collecting data on stability, reliability, and potential vulnerabilities. When a crash occurs, this data is swiftly directed to incident response teams for accurate and efficient triage, enhancing overall software security and resilience.

The RunSafe Security Platform will be generally available on December 16, 2024. To learn more, visit https://runsafesecurity.com/runsafe-platform/

About RunSafe Security

RunSafe Security immunizes software from cyberattacks without developer friction, disrupting hacker economics. Our security techniques inoculate customer systems from an entire class of cyberattacks. Our customers integrate our product across build tools chains without developer friction, protecting open-source software and proprietary native code without changing system behavior or affecting system overhead. Headquartered in McLean, Virginia, with offices in Huntsville, Alabama, and Munich, Germany, RunSafe Security’s customers span the aerospace & defense, energy & industrial automation, transportation & autonomy, medical devices, and high-tech verticals. Learn more at: https://runsafesecurity.com/

Media Contact:RunSafe Security
Staci Cretu, SVP & CMO
Staci@RunSafeSecurity.com
https://runsafesecurity.com

RunSafe Security Announces Partnership with Four Inc.

RunSafe Security and Four Inc. Partner to Bring Cyber Protections to Critical Systems and Applications in the Public Sector MCLEAN, Va. – January 30, 2024 – RunSafe Security,  the pioneer of a patented process to immunize software from cyberattacks without...

read more