Product security leader partners with leading supply chain evidence and visibility organization to accelerate the transparent collaboration of risk analysis and SBOM sharing between device manufacturers and asset owners that is needed to secure the software supply chain.
Finite State, the leader in product and supply chain security, and RKVST announce a partnership to bring together Finite State’s industry-leading product security automation with RKVST’s zero trust-based supply chain evidence platform. The partnership will focus on bringing visibility to a major market need: collaboration between device manufacturers and asset owners to secure the software supply chain.
With the number of IoT and OT devices expected to surpass 25 billion by the end of this year, product security risks across the software supply chain threaten the embedded systems that form the foundation of our critical infrastructure, medical devices, and connected vehicles.
The Finite State Partnership Program advances our mission of enabling product security teams and asset owners to better protect these connected devices. The program offers strategic product supply chain security partners a way to team up with other connected device security approaches and comprehensively discover, assess, prioritize, remediate, and respond to vulnerabilities, weaknesses, and other threats.
Device manufacturers and asset owners recognize the need to empower their product security and risk management teams to continuously and accurately respond to emerging connected-device threats. The Finite State-RKVST partnership combines the deep expertise and innovation of two industry leaders in product and supply chain security, binary software composition and analysis (SCA), vulnerability and threat intelligence, and zero trust architecture in an alliance that provides provenance, governance, and immutability of shared data in order to secure the software supply chain.
“As the software supply chain continues to emerge as a highly targeted attack surface, it is essential for OT and IoT to innovate and evolve operationally to deliver software transparency to validate the security state of components continuously,” said Tom Bain, EVP, Marketing, Finite State. “In partnering with RKVST, we are blending a zero-trust approach with a binary-based, deep-dive validation of IoT and OT software and firmware to deliver a best-in-class approach to the market that’s predicated on providing unparalleled visibility to reduce supply chain risk at-scale.”
“The RKVST evidence platform delivers a reliable chain of custody for supply chain data. It provides continuous visibility of data across supply chains and supply chain partners, proves and verifies who did what when to any physical or digital asset, automates workflows and provides auditable evidence you can rely on for critical decision making,” said Rob Brown, VP Business Development, RKVST. “The partnership with Finite State enables people to easily automate the exchange of OT and IoT cybersecurity evidence at scale and use that information to make reliable decisions.”
To learn more about the Finite State Partnership Program, please visit our Partnership Information page at https://finitestate.io/partners.