AUSTIN, Texas – September 6, 2023 – NetRise, the company providing granular visibility into the world's Extended Internet of Things (XIoT) security problem — encompassing the modern firmware and software component security challenges of IT, OT, IoT, and other connected cyber-physical systems — today announced the company has been accepted for the Approved Product List (APL) through the Continuous Diagnostics and Mitigation (CDM) Program, where the Department of Homeland Security (DHS) seeks to strengthen federal agencies' ability to secure their networks against the ever-increasing threat of cyberattacks.
The Cybersecurity and Infrastructure Security Agency's (CISA) CDM Program dynamically fortifies the cybersecurity of civilian government networks and systems with real-time risk monitoring and defense. The CDM program provides cybersecurity tools, integration services, and dashboards to participating federal agencies to support them in improving their respective security posture.
Unlike legacy solutions, the NetRise automated platform offers crucial visibility into the 'black boxes' of XIoT devices. NetRise's next-generation firmware and IoT security platform protects organizations from firmware-based attacks and threats by enabling users to continuously identify and monitor risks in the software components of devices. NetRise supports the federal government's effort to secure the vast number of XIoT devices that serve the public sector and citizens nationwide. NetRise’s novel approach to addressing firmware vulnerabilities and software asset management within IT infrastructure bolsters the risk management of environments, providing valuable and unique benefits which will greatly aid in efforts to avert incursions impacting national security.
"Being added to the CDM's APL is a testament to NetRise's firmware security and deep risk visibility with its continuous monitoring and analysis capabilities," said Thomas Pace, CEO of NetRise. "This acceptance expands our footprint in the federal market and reaffirms the importance of our technology in empowering agencies to identify and mitigate cybersecurity vulnerabilities effectively. Joining the program underscores the NetRise platform's ability to deliver the most comprehensive understanding of risks associated with connected devices through its continuous analysis, monitoring, and real-time risk tracking."
The NetRise platform is well positioned and aligns with the CDM program's goals by providing next-generation firmware analysis, identifying risks in device firmware and software components. NetRise provides firmware visibility, vulnerability management, and insights into the underlying "ingredients" of firmware devices, identifying the latent risks and vulnerabilities within IoT, ICS, connected vehicles, medical devices, satellites, and telecom devices.
CDM-approved key features and capabilities of the NetRise platform include:
- SBOM Management (Software Bill of Materials): Generate, ingest, and enrich SBOMs for comprehensive visibility into the software components of each device.
- Risk and Vulnerability Management: Understanding what is on the network, the integrity of systems and information, and assessing and prioritizing risk based on potential impact and exploitability.
- Compliance Adherence: Determine if third-party code is introducing legal and compliance issues.
- Real-Time Risk Tracking: Attain continuously updated tracking of device risk beyond CVEs with CISA KEV catalog support.
- Product Build Assurance: Understanding the risk level of device builds and the cybersecurity impact of potential updates or changes.
To learn more about how the NetRise platform supports government agencies with visibility into devices' underlying risks, please visit https://www.netrise.io/platform.
Based in Austin, Texas, NetRise was built by defensive cyber experts bred across the private sector, intelligence community and U.S. federal government to solve the firmware security problem. The company is currently partnering with companies across manufacturing, automotive, medical devices, industrial control systems, satellites and many more. https://www.netrise.io/