Centralized product management and security insights, coupled with advanced automation and AI, streamline risk management and cyber compliance for greater operational efficiency.
Tel Aviv, May 15, 2024 – Cybellum, creators of the Product Security Platform, announced today the release of the Product Security Platform 3.0: Risk Edition. This new platform empowers teams to continuously manage product cyber risk and systematically comply with regulations – all with greater efficiency and scale. New features in this release include threat modeling, SBOM merging, fuzzing support, and more, providing management with a comprehensive view of product security risk from one governance dashboard.
The release follows the four main pillars of Product Security, which include risk management, compliance, product assurance, and asset management.
- Risk management: Building upon the success of our CSMS Cockpit debut at CES (co-designed with LG), Cybellum’s Product Security Platform 3.0 enhances risk management by seamlessly integrating asset data with all security activities and findings, creating a unified product security landscape. This comprehensive view empowers device manufacturers to make informed decisions and effectively prioritize risk mitigation. Dashboards tailored to specific use-cases and KPIs offer clear insights into risk exposure, allowing customers to guide teams towards optimal product security outcomes.
- Compliance: The Product Security Platform 3.0 removes the burden of getting ready for regulatory compliance, with a new Product Compliance Manager for regulations and standards such as the FDA’s premarket guidelines, ISO/SAE 21434, IEC 62443, EU CRA and others. It generates audit-ready reports based on regulation-specific report templates that can be customized to meet any regulation or standard, collects external evidence, and tracks report preparation progress – significantly reducing the burden of compliance documents management.
- Product Assurance: Threat Modeling / TARA is now integrated into the product assurance process as another source of threat data, facilitating vulnerability handling, and strengthening proactive threat models to improve product security and threat modeling ROI. The new release will also integrate security test results from 3rd party tools including pen-testing, fuzz testing, SAST data, and threat feeds.
- Asset Management: Product security depends on high-fidelity SBOMs and asset definitions. The Product Security Platform streamlines asset management for better quality and reliability. It lets you merge SBOMs from multiple sources (3rd party scanners, SBOM files and Cybellum’s own binary analysis engine) for a complete picture of your software. You can even autofix SBOMs to improve data accuracy, and manage custom packages for proprietary or third-party components for complete SBOMs that meet and exceed industry standards (such as the NTIA’s Minimum Elements of an SBOM).
Powering the implementation of The Product Security Platform, Cybellum’s Synergy Services provides customized deployment tailored to each manufacturer’s product development “Regulators have made cybersecurity a major requirement in recent compliance guidelines,” says Slava Bronfman, Co-Founder & CEO of Cybellum. “Cybellum’s Product Security Platform 3.0: Risk Edition enables manufacturers and suppliers to harness the power of data and automation to gain a competitive edge and continuously manage product cyber risk with threat modeling and AI-powered insights. This allows for systematic compliance with regulations at scale, all while reducing costs and resource consumption, streamlining operations, and improving efficiency processes and environment.”
About Cybellum
Cybellum is where teams do product security. Device manufacturers such as Jaguar Land Rover, Audi, Faurecia, Supermicro, Danaher, and Rolls Royce use Cybellum’s Product Security Platform and services to manage the main aspects of their cybersecurity operations across business units and lifecycle stages. From Software Bill of Materials (SBOM) to Vulnerability Management, Compliance Validation, and Incident Response, teams ensure their connected products are fundamentally secure and compliant – and stay that way. To learn more visit www.cybellum.com
Media Contact:
Cybellum
Annette Habani
+972 547799888
[email protected]