Appknox, one of the leading mobile security testing platform, unveiled a new addition to its Vulnerability Assessment (VA) Solution – the Software Level Bill of Materials (SBOM) feature.
After a successful launch of Store Monitoring in Q4 2022, Appknox continues to lead the industry with its latest feature designed to further support its cybersecurity solution. This new feature will enable the customers to uncover the attack surface with regards to any open source and third-party components used in their mobile applications.
“With Appknox SBOM, we are the first-of-its-kind where we can figure out your software component with only the application binary, which is a game changer. In the future, we will expand our SBOM coverage to focus on the hybrid model by Identifying other component types and Compositions associated with all components,” Subho Halder, CISO, Appknox.
SBOM, or Software Bill of Materials, is essential for Organizations as it helps them gain visibility into potential threats within their software supply chain. The value of SBOM for mobile applications lies in its comprehensive picture: it captures any third-party libraries and frameworks as well, allowing developers and security teams to fully understand the risks posed by those components.
The practical advantage of SBOM: With full awareness of all system components, steps can be taken to mitigate known vulnerabilities and shore up defenses against potential threats.
Organizations have better insight into their security posture with a complete and precise inventory of all the components and dependencies used in their mobile apps. This enables them to recognize and reduce potential threats more efficiently. Customers may proactively secure their apps and safeguard the data of their users by knowing exactly what components are being used and any known vulnerabilities (CVEs) associated with them.
With growing ecosystems of software frameworks and libraries, it becomes difficult to track the software supply chain. SBOM is a way to give visibility on all the libraries frameworks your application currently uses and makes it easier to check if any such vulnerable components are used in your app ecosystem. With the rising attacks on Software Supply Chain attacks in the past, such as log4j, XCodeGhost, and others, it is critical for an organization to have such visibility.
“We are really excited to bring the SBOM feature to our users. This provides valuable insights with respect to the ‘building blocks’ used to develop any mobile application. With the launch of this, we remain committed to the path of enabling Organizations to release secure mobile applications,” Raghunandan J, Product Manager at Appknox.
Software Bill of Materials (SBOM) is essential for organizations that strive to demonstrate their commitment to secure software development practices. With a well-constructed SBOM, organizations not only provide assurance to those they work with, but they can also confirm they are striving to meet the requirements of any security standard, such as OWASP CycloneDX. The SBOM serves as evidence of their adherence to best practices to secure their applications and protect user data.
