Additional Info

Websitehttp://www.reversinglabs.com
Company size (employees)100 to 499
Headquarters RegionNorth America

Overview

Companies that produce software critical for their business or for customers are under attack. Cybercriminals and nation-state actors have expanded their operations from corporate networks and data centers to software supply chains. The SolarWinds SunBurst attack of 2020 is a high-profile example of this shift in the threat landscape -but hardly the only example.

Enlisted by SolarWinds to help it assess and recover from the SunBurst attack, ReversingLabs quickly identified the source of the incident: compiled software binaries that were compromised with so-called “back doors.” Existing application security solutions couldn’t detect this malicious behavior because they were unable to analyze all components and software layers.

To assist other companies in mitigating supply chain risks,ReversingLabs introduced its Managed Software Assurance Service, which uses the company’s deep reservoir of malicious code research and threat intelligence to identify threats in software BEFORE it is released to customers.

ReversingLabs Managed Software Assurance Service also makes identifying risks in applications fast and easy; Customers can simply upload software packages to Secure.Software. ReversingLabs takes the uploaded binary and analyzes every application layer, extracting the embedded components, cataloging them in a software bill of materials, and inspecting each for threats, quality issues, and policy violations. Problems are identified and scored. An overall grade representing the software package quality is provided, making it easy to gauge the cyber risks posed by the software package. Application developers can use the service to eliminate threats and ensure that compromised software is never pushed out the door. Downstream consumers of the software can feel more comfortable that the applications they are deploying don’t harbor unseen threats.

How we are different

ReversingLabs Generates a Complete Software Bill of Materials (SBOM): Other available software composition analysis solutions don’t identify the many components within proprietary and open source software package, which hide preventable security issues and create potential vectors of compromise. The ReversingLabs service inspects every application layer including an in-depth analysis of 400+ file formats commonly used to package software. It then automatically generates a complete SBOM for any in-house developed or third-party software without requiring any vendor assistance.


ReversingLabs Audits Behaviors and Checks for Malware: An Enterprise Security Group (ESG) eBook reports that 48 percent of organizations regularly push vulnerable code. That’s because other software assurance solutions fail to thoroughly inspect complex software layers that result in malware detection gaps. ReversingLabs recognizes that build environments are perfect targets for malicious backdoor code injection which is why it checks every application layer for malicious code intent. This prevents the deployment of software releases containing hidden malware or injected backdoor code. It also allows companies to take control of application behaviors and eliminate supply chain attacks through powerful code behavior tracking.


Minimize Vulnerability Risk Surface Area: By one estimate, 60 percent of organizations have had production application vulnerabilities exploited. That is because software build tools don’t reliably enforce vulnerability mitigations across the release package, allowing easy-to-exploit flaws to make it into production code. ReversingLabs’ service audits every application component for known and actively exploited vulnerabilities, keeping software components up-to-date and fortifying existing code to make even undiscovered vulnerabilities harder to exploit.