Supply Chain Secure

Discover | Hack | Alert

Hack Your Supply Chain

Supply Chain Secure is designed to:

  • Discover all of your 3rd Party assets:
    • APIs, SDKs, Open Source
    • Cloud, Mobile, Web Services
  • Hack 3rd Party Attack Surfaces
  • Automate Vendor Management
  • Ingest software bill of materials (SBOM) files
  • Create dynamic SBOM inventory listings based on full-stack analysis

Our analyzer engine discovers third-party assets across the application full-stack using runtime analysis (dynamic, interactive security testing).

Continuously Discover Your Third-Party Assets and Attack Surfaces

Supply Chain Secure discovers third-party APIs, cloud services, SDKs, and open source software assets across the application full-stack.

Discover Your Software Supply Chain

1. Begin by marking your most important mobile and web apps (first party) and your third-party vendors and suppliers. Upload your SBOM files for ingestion.

2. The Analyzer Engine will conduct full-stack analysis across first- and third-party APIs, cloud services, SDKs, and open source libraries.

3. Take action by identifying third-party supply chain attack surfaces within your applications, opening policy violations, and listing your SBOM inventories. Create alerts on proactive security measures that your vendors and suppliers may or may not have in place.

Manage SBOM Inventory

Data Theorem’s Supply Chain Secure product allows customers to ingest all of their SBOM files to be processed by its Analyzer Engine. As an output, Data Theorem's Supply Chain Secure pipeline will generate a comprehensive SBOM Inventory listing based on multiple sources including SBOM files and full-stack application analysis.

SBOM is defined as a “formal record containing the details and supply chain relationships of various components used in building software. Software developers and vendors often create products by assembling existing open source and commercial software components. The SBOM enumerates these components in a product. It is analogous to a list of ingredients on food packaging.”

According to Gartner®, “Seventy-two percent of business professionals expect their third-party networks to expand moderately or significantly in the next three years.” In another report, Gartner stated that, “By 2025, 45 percent of organizations worldwide will have experienced attacks on their software supply chain, a three-fold increase from 2021.”
Gartner, “Improve Third-Party Risk Management by Clarifying Procurement’s Role”, Procurement Research Team, 16 August 2021
Gartner, “How Software Engineering Leaders Can Mitigate Software Supply Chain Security Risks,” by Manjunath Bhat, Dale Gardner, and Mark Horvath, 15 July 2021