Labrador Labs (Kim Jinseok and Lee Heejo, Co-CEOs) released ‘Labrador OSS v2.0’, an open source software detection solution. The SCA tool can easily and accurately detect open source vulnerabilities and license infringements, and it generates an SBOM (Software Bill of Materials) for security risk management. Through the SBOM, customers can see a list of the components that make up their software and check the relevant security vulnerabilities or licenses.
Labrador Introduction
Labrador OSS v2.0 implements VUDDY, an algorithm patented in the USA and Korea that lowered false alarms to zero. VUDDY preprocesses code twice as fast and detects components 1000 times faster, with higher accuracy, than technologies presented at the IEEE S&P security conference.
Labrador OSS v2.0 can be used not only by developers or security experts but also by general SW managers and testers. With a few clicks, from detection to resolution, Labrador OSS enables companies to save time and money.
Labrador OSS v2.0 can also be used in all industries: public sector, manufacturing, telecommunications, finance and more. The increasing importance of Software Supply Chain Management leads to the frequent use of external software modules such as open source code reuse and library links, making it even harder for users to find hidden risks. Labrador OSS can effectively manage customers’ license issues and vulnerability risks by showing the software components via an SBOM.
Interview of Jinseok KIM, CEO at Labrador Labs
– Why did you develop this service?
▲ More than 10,000 new open source projects are being created every day around the world, and companies and institutions are actively using open source for their digital capabilities. 99% of the respondents in a related survey said that they use open source, and the open source they use accounts for about 70% of the whole. With the rise of open source, threats to open source security and risks of license violation are also increasing. We developed our service to automatically analyze vulnerabilities and license issues in open source and to prevent potential risks.
– Any plans to provide Labrador OSS v2.0 worldwide?
▲ We have partnered with German organizations to offer our services. We are also planning to expand our references to manufacturers, telecommunications and finance in the US. Furthermore, we have concluded a partnership with a Korean security firm that has branches in China.
– Any plans to develop and launch new products in the future?
▲ We will be releasing Labrador Fuzzer, a wireless communication protocol vulnerability analyzer. We also plan on releasing Labrador Container, a container image analyzer, and Labrador Binary, a binary OSS vulnerability analyzer, to eventually build an integrated vulnerability analysis platform that only Labrador Labs can provide.
Excerpts from ETNews (Korean):
https://www.etnews.com/20220919000072