Clicky

mobile btn
Thursday, December 26th, 2024

DHS initiative seeks enhanced software supply chain

© Shutterstock

The U.S. Department of Homeland Security (DHS) Science and Technology Directorate (S&T) recently announced seven awards stemming from an innovative technologies topic call will enhance software supply chain visibility tools.

S&T’s Silicon Valley Innovation Program (SVIP) issued the solicitation that sought open-source-based technical solutions providing the transparency to form the foundation for a high-assurance software supply chain.

The solicitation also sought to enable visibility into software supply chains and new risk assessment capabilities serving the mission needs of DHS components and programs, including the Cybersecurity and Infrastructure Security Agency (CISA).

“To defend against the increasing number of software attacks, it’s critical to utilize innovative tools that create a more transparent software supply chain,” SVIP Managing Director Melissa Oh said. “DHS is tapping into the startup community to develop technology that will shine a light on risks within supply chains and bolster the overall cybersecurity of organizations.”

The seven awardees, according to DHS, are AppCensus, Inc., Chainguard, Inc., Deepbits Technology, Inc., Manifest Cyber, Inc., Scribe Security, TestifySec, LLC, and Veramine, Inc.

The seven entities are slated to work as a cohort to develop a multi-format SBOM translator and a software component identifier translator to be delivered as open-source libraries, which will be integrated with their software bill of materials (SBOMs) enabled commercial products.

“Vulnerabilities in software are a key risk in cybersecurity, with known exploits being a primary path for bad actors to inflict a range of harms,” CISA Senior Advisor and Strategist Allan Friedman said. “By leveraging SBOMs as key elements of software security, we can mitigate the risk to the software supply chain and respond to new risks faster and more efficiently. A thriving ecosystem for SBOM tools and solutions will be key to shaping a more transparent software-driven world.”