New capabilities supercharge SBOM and vulnerability management with new AI functionality, risk, and asset management capabilities for streamlined regulatory compliance
TEL AVIV, Israel, February 15, 2024 – Cybellum, creators of the award-winning Product Security Platform, announced the latest major release, V2.38 of their Product Security Platform. Following the joint announcement with LG Electronics at CES 2024, this release introduces the CSMS Cockpit, enabling automotive OEMs and device manufacturers to significantly improve their cybersecurity management capabilities with a comprehensive view of product risk, security activities, and requirement validation status.
The new release offers advanced asset management capabilities, including SBOM Auto-Fix, which provides automatic error detection and correction when uploading CycloneDX or SPDX SBOM files. It also includes custom package management for including custom, in-house developed packages, and commercially sourced ones. Cybellum V2.38 also includes the automatic correction of non-authoritative CPEs for improving SBOM accuracy and vulnerability management by automatically identifying and suggesting alternative, authoritative CPEs for unidentified/faulty ones.
In addition, the new release provides role-based approvals, enabling manufacturers to manage complete and accurate SBOMs that can be reliably shared and used for vulnerability management and incident response as required for existing and emerging regulations.
“The latest update to Cybellum’s Product Security Platform doesn’t just enhance features, it empowers a paradigm shift in how organizations manage product security,” says Asaf Atzmon, Chief Product Officer at Cybellum. “With capabilities like AI-powered vulnerability filtering and automated SBOM repair, we are reducing resources required, streamlining compliance, accelerating response times, and ultimately making connected devices safer for everyone.”
The rollout includes the groundbreaking Ask Roman AI co-pilot that reduces the time and resources required for vulnerability triaging and remediation. Together with the VM Co-pilot, this new capability allows teams to quickly filter out irrelevant vulnerabilities and pinpoint the ones that could actually have an impact on their products. It provides detailed mitigation recommendations and helps to identify which vulnerabilities can be found in products that have already been deployed in the market. In addition, the new release includes support for the CISA KEV Catalog, to address regulatory requirements such as FDA PMA by leveraging CISA’s Known Exploited Vulnerabilities data within the platform.
Book a demo here to see these new features in action.
About Cybellum
Cybellum is where teams do product security.
Device manufacturers such as Jaguar Land Rover, Supermicro, Danaher, and Rolls Royce use Cybellum’s Product Security Platform and Synergy Services to manage the main aspects of their cybersecurity operations across business units and lifecycle staghttp://www.cybellum.com/es. From Software Bill of Materials (SBOM) to Vulnerability Management, Compliance Validation, and Incident Response, teams ensure their connected products are fundamentally secure and compliant – and stay that way.