Contact Us
Menu
Contact Us
NetRiseCubes

NetRise News & Blog

by Mark Hauptman, on Sep 29, 2022 11:36:26 AM

Over the past 16 months the federal government has issued a number of directives to enhance the security of its computer systems and the data that resides on those systems. The Executive Order (EO) 14028 issued on May 12, 2021 required a number of initiatives to enhance the government’s cybersecurity posture including enhancing the security of the software supply chain. That Executive Order has been reinforced with the issuance of M-22-18 by the Office of …

Read Story

by Brad LaPorte, on Sep 8, 2022 8:00:00 AM

A device, with respect to information technology, is any equipment or associated software ranging from programs, languages, or associated documentation that is designed for the purpose of utilizing information stored in a digital format. Devices in this context include but are not limited to computer systems, computer networks, and computer equipment used for input, output, processing, storage, organization, and display for any user’s intended purpose. In any 21st-century professional setting, devices are connected using the …

Read Story

by NetRise, on Aug 29, 2022 10:10:53 AM

NetRise is proud to announce its completion of SOC 2 Type I (System and Organization Controls) compliance, less than two years from its inception. The SOC 2 Type I certification indicates that a verified third party has thoroughly reviewed NetRise's business and product elements (software, data, policies, procedures, people, operations, and more) and deemed them in compliance with SOC 2 Type I requirements. Being in the security industry, NetRise undoubtedly recognizes the importance of securing …

Read Story

by NetRise, on Aug 8, 2022 12:00:00 AM

AUSTIN, Texas, August 8, 2022 -- NetRise, the company providing visibility into the world's XIoT security problem, announced today the release of the NetRise Platform, which is the industry’s first solution providing insights into shared vulnerabilities across XIoT firmware images in an organization. NetRise is a cloud-based SaaS platform that analyzes and continuously monitors the firmware of XIoT devices. The firmware images are then dissected, presenting all of the key data, artifacts, and risk in …

Read Story

by NetRise, on Aug 1, 2022 10:45:38 AM

AUSTIN, Texas, Aug. 1, 2022 /PRNewswire/ -- NetRise, the company solving the world's XIoT (Extended Internet of Things) security problem, announced today the addition of Stuart McClure, Former CEO of Cylance, to the company's Board of Directors. "NetRise is one of the most innovative and promising early-stage cybersecurity companies I have had the pleasure of advising. Joining the Board of Directors gives me the opportunity to help set the strategic direction of the company along with its day to …

Read Story

by NetRise, on Jul 27, 2022 11:48:31 AM

AUSTIN, July 26, 2022 /PRNewswire/ -- NetRise, the company providing visibility into the world's XIoT security problem, and Fortress Information Security, the nation's leading cybersecurity provider for critical infrastructure organizations with digitized assets, announced today a strategic partnership. This partnership gives Fortress Information Security's global customers access to the most advanced firmware binary analysis platform on the planet. The NetRise team's experience in data science, machine learning, and software reverse engineering dramatically expands Fortress customers' ability to identify and …

Read Story

by NetRise, on Jun 28, 2022 10:01:09 AM

In a recent post we identified the problem of “zero-awareness” – businesses often don’t know what xIoT devices are attached to their network and what risks and vulnerabilities those devices have. Why this problem exists is a conundrum, both easy to explain and impossible to explain. The easy explanation is that xIoT devices typically run firmware and our traditional security tools deal with software, not firmware. The conundrum is that firmware is software, so why …

Read Story

by NetRise, on May 31, 2022 9:51:33 AM

Risk management is a big part of running a business these days, especially in IT circles. Not only are threat actors always evolving and enhancing their attacks, but also the attack surface of organizations is constantly growing. The advent of IoT introduced literally millions if not billions of new devices for hackers to potentially exploit. Have you considered who really owns the risk associated with xIoT devices? Imagine it’s 2014 and your router was compromised …

Read Story

by Tom Alrich, on May 12, 2022 8:46:39 PM

I recently wrote two posts (the second one is here) about a chilling revelation that Tom Pace of NetRise made at an informal meeting I recently attended. NetRise specializes in firmware security, and Tom has  noted that a huge percentage of software and firmware products aren’t registered at all in the National Vulnerability Database (NVD), meaning there’s no CPE name registered for the product. This means there has never been a single vulnerability reported for the product. Thus, if …

Read Story

by Tom Alrich, on May 9, 2022 1:37:51 PM

A recent post described a presentation I saw last Friday by Tom Pace of NetRise, describing what seems to be a huge security problem. To summarize it: Do you think products with a lot of open vulnerabilities - as indicated by CVE’s listed for the product in the National Vulnerability Database (NVD) - are dangerous and should be avoided? If so, you’re right. By the same token, do you think a product with no open vulnerabilities – …

Read Story

Subscribe to Newsletter