WebsiteGear Logo Log In
New User? Sign Up
About | Contact | FAQ
HOME ACCOUNT PRODUCTS NEWS ARTICLES DIRECTORY CLASSIFIEDS FORUMS TOOLS
* Post a FREE Ad on WebsiteGear Classifieds !
  Home News Technology Internet Security Thursday, March 27, 2025 
Add Press Release News | News Feeds Feeds | Email This News Email


NetRise Improves Supply Chain Transparency and Security with Vulnerability Exploitability eXchange (VEX)
Wednesday, May 15, 2024

XIoT security firm now offers VEX, enhanced asset extraction and analysis, and new search capabilities to provide results with greater accuracy.

AUSTIN, Texas, May 7, 2024 /PRNewswire/ -- NetRise, the company providing granular visibility into the world's Extended Internet of Things (XIoT) security problem -- encompassing the modern firmware and software component security challenges of IT, OT, IoT, and other connected cyber-physical systems -- today announced support for creating Vulnerability Exploitability eXchange (VEX) documents to help organizations track and convey risk associated with the software they are manufacturing or consuming.

VEX documents are commonly found alongside Software Bill of Materials (SBOMs) and allow software, firmware, and device developers to convey if an asset is or is not affected by a particular vulnerability. The developer can also provide recommendations and workarounds in a standardized, machine-readable format. Asset owners and operators then consume VEX information to help influence vulnerability and risk management processes.

Users of the NetRise Platform now have a single solution that allows them to identify software components in their software and XIoT assets, automatically discover the vulnerabilities that affect them, triage the vulnerabilities, and generate SBOM and VEX documents that exceed the minimum requirements defined by the National Telecommunications and Information Administration.

Understanding the SBOM and VEX specifications that meet the minimum standards is daunting and time-consuming for many organizations. By using the NetRise Platform, organizations can be confident they are generating documents that adhere to the specifications without needing to be intimately familiar with them, which is especially important for organizations with limited development or security resources as well as those who are or may become required to comply with Executive Order 14028.

Key new features and capabilities include:

    --  VEX: Organizations can apply VEX statuses to vulnerabilities in a
        report, track if an asset is affected by a vulnerability identified in a
        software component, and communicate vulnerabilities to external
        stakeholders.
    --  Enhanced Asset Extraction and Analysis: The platform now includes a
        newly improved extraction engine that is file agnostic and significantly
        improves how "file systems" are handled in various formats.
    --  New Search Experience: NetRise's enhanced artifact search experience
        provides results at greater accuracy, speed, and filtering capabilities.
        Artifact search allows organizations to quickly identify where any data
        point (CVE, component, hardcoded authentication credential, file hash,
        etc.) exists in their assets.
    --  Comprehensive Vulnerability Prioritization: The NetRise platform now
        incorporates a new prioritization tool that simplifies identifying
        critical-risk vulnerabilities by combining Exploit Prediction Scoring
        System (EPSS) and Common Vulnerability Scoring System (CVSS) scores. The
        prioritization feature effectively guides organizations to focus on the
        highest-risk vulnerabilities first, reducing response times and
        improving remediation efficacy.

"Our latest updates address the critical challenges organizations face when mitigating risks in firmware and software components to secure their connected devices," said Thomas Pace, CEO of NetRise. "We are a customer-first organization, which means that we continuously anticipate and respond to our customers' needs. One of our customers' most requested features has been access to vulnerability remediations and VEX statuses. I'm excited that we are now able to provide this, and look forward to seeing how they use it and how VEX continues to evolve. With our new offerings, we are empowering organizations with advanced vulnerability insights, simplified workflows, and a more complete, secure SBOM."

Resources

    --  Meet NetRise: Request a meeting with our team in San Francisco for the
        RSA Conference 2024 from 5/6-5/9.
    --  Hottest Innovators: Join us at this exclusive invite-only event on 5/7
        from 3-6 pm PT at Southside Spirit House, 575 Howard St, San Francisco,
        CA 94105.
    --  Happy Hour: RSVP now to attend an RSA happy hour on 5/7 & 5/8 from
        5-6:30 p.m. PT at The Grove, 690 Mission St, San Francisco, CA 94105.
    --  To learn more about our events, schedule a demo, or meet with us, please
        visit https://www.netrise.io/company/events/rsac-24.
    --  For more information about NetRise's new features and VEX capabilities,
        visit
        https://www.netrise.io/platform/software-bill-materials-management.

About NetRise
Based in Austin, Texas, NetRise was built by defensive cyber experts bred across the private sector, intelligence community, and the U.S. federal government to solve the firmware security problem. The company is partnering with companies across manufacturing, automotive, medical devices, industrial control systems, satellites, and many more. https://www.netrise.io/

Media Contact:
Michelle Yusupov
Hi-Touch PR
443-857-9468
yusupov@hi-touchpr.com

View original content to download multimedia:https://www.prnewswire.com/news-releases/netrise-improves-supply-chain-transparency-and-security-with-vulnerability-exploitability-exchange-vex-302131942.html

SOURCE NetRise



Email This News Email | Submit To Slashdot Slashdot | Submit To Digg.com Digg | Submit To del.icio.us Del.icio.us | News Feeds Feeds

RELATED NEWS ARTICLES
Nav EXECUTIVE PRODUCER BRADLEY COOPER'S FILM CAREGIVING TO PREMIERE ON PBS FOR NATIONWIDE BROADCAST JUNE 24 STREAMING BEGINS MAY 27 | Mar 27, 2025
Nav Indusface redefines WAAP user experience with industry-first innovations in AppTrana | Mar 27, 2025
Nav Splitit Unveils First Fully Embedded White-Label Installment Solution for Shopify Merchants | Mar 27, 2025
Nav /C O R R E C T I O N -- Bell Canada (MTL)/ | Mar 27, 2025
Nav Identity Theft After a Data Breach? Legal Action May Recover Your Losses | Console & Associates | Mar 27, 2025
Nav Hornetsecurity named Top Player in Radicati's Secure Email - Market Quadrant 2025 | Mar 27, 2025
Nav Ontinue Research Reveals Ransomware Attacks Surged 132% Despite 35% Drop in Payments | Mar 27, 2025
Nav Trend Micro Launches Voice-Enabled ScamCheck Capability to Help Protect Consumers from the Rising Threat of Global Scams | Mar 27, 2025
Nav BFSI Security Summit 2025 to Address Rising Cybersecurity Threats in Africa's Financial Sector | Mar 27, 2025
Nav Keeper Security Unveils Latest WearOS App for Seamless Password Management | Mar 27, 2025
NEWS SEARCH
Survey Software
Survey Software
Click Tracking Software
Click Tracking
Poll Software
Poll Software
Rating Software
Rating Software
FEATURED NEWS | POPULAR NEWS
Submit News | View More News View More News
Copyright © 2003-2025 WebsiteGear Inc. All rights reserved. WEBSITEGEAR® is a registered trademark of WebsiteGear Inc.