26 Jan 2022
We’ve been a little busy with some forward-thinking security SBOM-meisters over at Jitsuin in recent months. If you’ve not heard of them, they came up with the clever idea of providing a secured system that lets software producers and consumers share software bills of materials (aka SBOMs). Not only does this make it easy to look up any particular component that has gone haywire or needs to be summoned for review, it also enables fast and easy sharing of such information with your trusted parties. The major benefit of their service is that it adds to the trust and transparency of shared systems. Think about those moments when a critical vulnerability is announced and you need to alert the team (inside or outside your organisation) to find it ASAP, or when you have to complete an audit. It’s a big saving in the time and effort needed to take action quickly. Searching the software supply chain of interconnected devices and systems, and drawing attention to what you find, will be simpler with your software bills of materials stored on RKVST SBOM Hub.
Abridged press release below.
London, UK and Santa Clara, USA. 26th January 2022. Jitsuin Inc, a pioneer in continuous assurance of critical assets, and Meterian, a leader in software automation and vulnerability detection, have teamed up to offer software publishers automated creation and secure distribution of Software Bills of Material (SBOMs). The integration between Meterian’s Boost Open-Source Software Scanner (BOSS) and Jitsuin’s RKVST SBOM Hub enables software publishers to automatically generate, store and distribute their SBOMs in public or private.
Meterian’s BOSS Scanner is a vulnerability detection and risk management system that delivers comprehensive component licensing and security control while automatically generating SBOMs. Jitsuin’s recently launched RKVST SBOM Hub is the first shared repository for publishers and subscribers to find and fetch the SBOMs they need. The integration of these two products allows software publishers to easily store, retrieve, publish and distribute SBOMs with full governance.
- Developers, InfoSec and Governance, Risk & Compliance teams can collaborate to mitigate vulnerabilities.
- Authorized SBOM consumers can automatically retrieve the latest updates with full provenance and immutable history.
- SBOM consumers can act fast on the latest data knowing it is trustworthy.