Date: 12/06/2023

Time: 1100 – 1200 Eastern Time

Vendor: NetRise

Technology/Topic: Firmware and XIoT Security Platform       

URL: https://www.netrise.io

TEM Video Recording (milTube): https://www.milsuite.mil/video/watch/video/66437

NetRise TEM Slide DeckDownload
NetRise Platform CoverageDownload
NetRise Next-Gen XIoT Security PlatformDownload

Welcome to the Technical Exchange Meeting (TEM)!

NetRise is an SDVOSB founded by two former Marines with deep technical cybersecurity and ML experience.  The mission is to provide visibility into supply chain and device security via an approach that is unique.  Building upon the unique background of ML and reverse engineering expertise NetRise has built a highly scalable platform that analyzes binary assets at scale.

The NetRise platform provides fully automated firmware analysis that generates a software bill of materials (SBOM) utilizing custom methods for firmware component identification from the binary in addition to commonly used approaches.  This combination of common and custom methods provides the most comprehensive inventory of components along with a detailed list of vulnerabilities.  The vulnerabilities are ranked by severity and by exploitability. NetRise also identifies a number of other risks including hard-coded credentials, public and private keys, misconfigurations, malicious code, etc.

NetRise provides the ability to analyze firmware images at scale with a horizontal and vertical lookup of which assets run software and firmware that calls the same open-source software. To accomplish this NetRise generates a library of cross-correlated software dependencies and produces SBOMs in CycloneDX and SPDX format. The Platform provides an API-centric solution for interoperability with other platforms. These capabilities will allow the user to make informed decisions on OSS prioritization and resource allocation to securing open-source software.

The NetRise Platform represents new technology.  Prior to the development of the platform this type of analysis was performed manually by highly skilled experts using rudimentary tools.

To join the DISA TEM mailing list, please contact: disa.tem@mail.mil

Disclaimer:

— TEMs do not serve as a marketing venue or request for proposal actions.

— TEMs shall not be interpreted as a commitment by the Government to issue a solicitation or ultimately award a contract.

— TEMs do not serve as an endorsement of any presented technologies or capabilities

— Presentations will not be considered as proposals nor will any awards be made as a result of a TEM session.

— TEMs are public open forums – no proprietary or sensitive information should be presented during TEM sessions. Only publicly facing content is permissible in DISA TEM sessions.

The owner of this website has made a commitment to accessibility and inclusion, please report any problems that you encounter using the contact form on this website. This site uses the WP ADA Compliance Check plugin to enhance accessibility.