Supports SBoM global standard formats… prevents possible SW supply chain attacks caused by open source software reuse
IT/OT device manufacturers are able to respond to global standard formats and US government requirements
IOTCUBE, a developer of open source vulnerability-check solutions, has announced the release of Labrador OSS 2.0. Labrador OSS, which offers high detection accuracy and convenient patch recommendations, analyzes SW developed by users and provides an SBoM (Software Bill of Materials) containing the configuration information of all SW, such as open-source components and libraries. Security vulnerabilities and license issues can also be analyzed per SW component.
In May 2021, a US executive order mandated the provision of an SBoM for all software-embedded devices provided to the government, and Gartner predicts that SBoM will be required in 50% of all global transactions in 2025, making SBoM an important issue at a time when digitalization is accelerating. In line with this, Labrador has developed SBoM compatibility with international standards such as SPDX and CycloneDX.
While the importance of SW supply chain management has recently increased, copied source code and the growing use of external modules, such as linked libraries and complex submodules such as dependencies, make it difficult to mitigate hidden risks. Customers unknowingly violate licenses and are easily exposed to vulnerabilities. Labrador OSS presents SW components in an easy-to-read form and provides license and vulnerability risk information so that customers can address them.
Labrador OSS, thanks to the US- and Korea-patented technologies VUDDY© and CENTRIS©, achieves increased accuracy through a multi-factor inspection method that analyzes code snippets at the file and function level. This way, hidden security vulnerabilities within components can be found and modified open-source software can be accurately detected. Labrador OSS is currently used by major public institutions and companies for its excellent detection accuracy and ease of use compared to other solutions.
IOTCUBE CEO Jinseok Kim said, “With the recent surge in open source, we have increased reliability to accurately eliminate risks before running customers operating and enhanced expertise by providing SBoM in international standard formats,” adding, “We will actively support our customer environment in the future.”
Original article link:
https://www.boannews.com/media/view.asp?idx=99893&kind=