NetRise now part of DHS Continuous Diagnostics and Mitigation approved products list

XIoT security firm NetRise announced Wednesday that it has been accepted for the Approved Product List (APL) through the Continuous Diagnostics and Mitigation (CDM) Program. The initiative aims to strengthen federal agencies’ ability to secure their networks against the ever-increasing threat of cyberattacks. It is led by the U.S. Department of Homeland Security (DHS).

Unlike legacy solutions, the NetRise automated platform offers ‘crucial’ visibility into the ‘black boxes’ of XIoT (Extended Internet of Things) devices. NetRise’s next-generation firmware and IoT security platform protect organizations from firmware-based attacks and threats by enabling users to continuously identify and monitor risks in the software components of devices. NetRise supports the federal government’s effort to secure a vast number of XIoT devices that serve the public sector and citizens nationwide. 

The Austin, Texas-based company’s novel approach to addressing firmware vulnerabilities and software asset management within IT infrastructure bolsters the risk management of environments, providing valuable and unique benefits that will aid in efforts to avert incursions impacting national security.

The Cybersecurity and Infrastructure Security Agency’s (CISA) CDM Program works towards fortifying the cybersecurity of civilian government networks and systems with real-time risk monitoring and defense. The CDM program provides cybersecurity tools, integration services, and dashboards to participating federal agencies to support them in improving their respective security posture.

“Being added to the CDM’s APL is a testament to NetRise’s firmware security and deep risk visibility with its continuous monitoring and analysis capabilities,” Thomas Pace, CEO of NetRise, said in a media statement. “This acceptance expands our footprint in the federal market and reaffirms the importance of our technology in empowering agencies to identify and mitigate cybersecurity vulnerabilities effectively. Joining the program underscores the NetRise platform’s ability to deliver the most comprehensive understanding of risks associated with connected devices through its continuous analysis, monitoring, and real-time risk tracking.”

The NetRise platform aligns with the CDM program’s goals by providing next-generation firmware analysis, and identifying risks in device firmware and software components. NetRise provides firmware visibility, vulnerability management, and insights into the underlying ‘ingredients’ of firmware devices, identifying the latent risks and vulnerabilities within IoT, ICS, connected vehicles, medical devices, satellites, and telecom devices. 

CDM-approved key features and capabilities of the NetRise platform include SBOM Management (Software Bill of Materials) that generates, ingests, and enriches SBOMs for comprehensive visibility into the software components of each device. Its risk and vulnerability management provides an understanding of what is on the network, the integrity of systems and information, and assessing and prioritizing risk based on potential impact and exploitability.

It also delivers compliance adherence by determining if third-party code is introducing legal and compliance issues, real-time risk tracking can attain continuously updated tracking of device risk beyond CVEs with CISA KEV catalog support, and product build assurance that understands the risk level of device builds and the cybersecurity impact of potential updates or changes.

Last month, NetRise partnered with Medcrypt to address critical cybersecurity challenges in the healthcare industry. The deal will provide medical device manufacturers (MDMs) with an SBOM lifecycle management solution that will empower device makers to proactively identify and address potential security risks and ensure the safety and integrity of their medical devices.

Industrial Cyber News Desk

Industrial Cyber News Desk