Supply Chain Secure is designed to:
Our Analyzer Engine discovers third-party assets across the full application stack using runtime analysis (dynamic, interactive security testing).
Supply Chain Secure discovers third-party APIs, cloud services, SDKs, and open source software assets across the full application stack.
1. Begin by marking your most important mobile and web apps (first party) and your third-party vendors and suppliers. Upload your SBOM files for ingestion.
2. The Analyzer Engine will conduct full-stack analysis across first- and third-party APIs, cloud services, SDKs, and open source libraries.
3. Take action by identifying third-party supply chain attack surfaces within your applications, opening policy violations, and listing your SBOM inventories. Create alerts on proactive security measures that your vendors and suppliers may or may not have in place.
Data Theorem’s Supply Chain Secure product allows customers to ingest all of their SBOM files to be processed by its Analyzer Engine. As an output, Data Theorem's Supply Chain Secure pipeline will generate a comprehensive SBOM Inventory listing based on multiple sources including SBOM files and full-stack application analysis.
SBOM is defined as a “formal record containing the details and supply chain relationships of various components used in building software. Software developers and vendors often create products by assembling existing open source and commercial software components. The SBOM enumerates these components in a product. It is analogous to a list of ingredients on food packaging.”