Software supply chain security company ReversingLabs has joined with Big Four consulting firm PwC to launch a strategic partnership focused on helping businesses gain better visibility of and control over their software supply chains.
The new alliance will help clients modernize their traditional Third-Party Risk Management (TPRM) programs to better keep pace with the interconnectedness and complexities of the modern software supply chain. The two companies’ partnership also seeks to help customers streamline and upgrade their testing programs for software suppliers and obtain security assurance over software they utilize without needing access to the source code.
“Organizations have never been more reliant on their supplier base than they are today. As a result, automation is needed to help assess the risk of these relationships at speed and scale. That is particularly true as commercial software suppliers come to rely on open source code, which is increasingly exploited by malicious actors,” said Mario Vuksan, CEO and co-founder, ReversingLabs. “Modern software supply chain security demands that organizations not only address issues specific to the development of software applications, but also to the consumption of commercial software, where suppliers’ reliance on external components like third-party libraries introduces additional risks,” Vuksan continued.
Software supply chain security has made headlines in recent years due to several high-profile security breaches that had a significant impact on global businesses. The 2020 hack of the Orion monitoring and management platform from IT management software firm SolarWinds exposed the networks, systems, and data of tens of thousands of public and private organizations, including the U.S. government, to access by suspected nation-state hackers. The incident put a spotlight on software supply chain security, sending companies scrambling to assess potential damage and shore up their cyber defenses.
The partnership will enable PwC’s clients to have better visibility and understanding of third-party risks to their software supply chains. ReversingLabs’ specialized security platform delivers visibility into software supply chain risks, ensuring that open-source components, CI/CD workflows, and release pipelines are protected, providing greater visibility of the build process, and bolstering a key line of defense for companies facing more frequent and targeted cyber attacks than ever before.