The Austin-based firm is partnering with Asc3nd Technologies Group to deploy its software supply chain risk management platform. Instead of relying solely on vendor-provided attestations, the service utilizes independent binary analysis to inspect compiled artifacts across firmware, operating systems, and containers. This approach seeks to provide a granular inventory of what is actually running in production environments, rather than what is documented on paper.
This shift arrives as federal agencies face mounting pressure from recent directives, including CISA Binding Operational Directive 26-04, which mandates risk-based prioritization for remediation. NetRise’s platform incorporates 'Provenance' intelligence to map components to their original maintainers and geographic regions, helping agencies assess the potential blast radius of compromised dependencies. The move also targets requirements set by recent executive orders regarding artificial intelligence and post-quantum cryptography, where identifying specific embedded cryptographic algorithms is becoming a critical compliance hurdle.




Comments (0)
No comments yet. Be the first!