There were 1,488 press releases posted in the last 24 hours and 466,589 in the last 365 days.

SAG-PM™ Version 1.1.3 Simplifies NTIA SBOM Creation and Consumption for Both Software Vendors and Consumers

Never trust software, always verify and report! ™

Never trust software, always verify and report! ™

SAG-PM™ Version 1.1.3 makes it easier than ever for software consumers and vendors to get started with SBOM. Just ask your vendors for an SBOM to get started.

This release of SAG-PM (TM) removes the barriers for both software vendors and consumers to implement an NTIA supported SBOM solution for risk management C-SCRM, today”
— Joanne Brooks, REA Co-Founder
WESTFIELD, MA, USA, August 23, 2021 / -- Reliable Energy Analytics LLC (REA) is pleased to announce the commercial availability of its flagship C-SCRM product, SAG-PM™ Version 1.1.3, with support for NTIA SBOM, following NIST Cybersecurity C-SCRM best practice, making it easy for both software consumers and vendors to create and consume NTIA compliant SBOM’s, today.

SAG-PM™ version 1.1.3 is the first commercial, patent pending (16/933161), Cyber Supply Chain Risk Management (C-SCRM) product to satisfy President Biden’s, May 12, Cybersecurity Executive Order (EO), 14028 requirements for NTIA Software Bill of Materials (SBOM) minimum elements using the NTIA recommended “primary component” method for product identification, and “critical software”, defined by NIST.

Federal agencies, their software vendors, and other entities that are subject to EO 14028, can download and install SAG-PM™ today, to start implementing NTIA SBOM’s and software supply chain cybersecurity protections, proactively, before any attempt to distribute or install a software product, preventing the installation of ransomware and other forms of malware. SAG-PM™ has been designed to help software vendors and consumers meet all government SBOM cybersecurity requirements contained in section 4, Enhancing Software Supply Chain Security, of EO 14028, and NTIA’s minimum SBOM elements requirement.

This release of SAG-PM™ extends support to software vendors, enabling the simplified creation of NTIA compliant SBOM’s in the SPDX Tag/Value format. Software vendors can use SAG-PM™ to generate an SBOM for their software products by supplying a “zipped” copy of the software objects used in their build process as input to SAG-PM™, eliminating the need for a software vendor to implement intrusive technical changes to the software build process. The existing software build process remains unchanged with this SBOM creation approach, saving a vendor time, money and effort by eliminating changes to the build process and having to debug any problems that may be introduced. SAG-PM™ will create an NTIA compliant SPDX Tag/Value SBOM of the zipped software objects and perform a software supply chain risk assessment, at the same time, providing a software vendor with insights into any risk that may be present, prior to distributing products to customers.

This release also provides software vendors with an easy-to-use method to help their customers easily incorporate product SBOM and other data, i.e. questionnaire data, into the customers own C-SCRM processes. REA provides software vendors with data templates that are used to describe their software products in a machine-readable format (XML). A software vendor “fills-in” the template with information describing their products, including the location of SBOM data files, which is then provided to customers through the vendors own, access-controlled customer portal. SAG-PM™ customers use this vendor supplied data to update their local SAG-PM™ provided vendor database, considerably simplifying the customer’s setup process when a new product release is delivered.

As with all SAG-PM™ releases, REA continues to provide C-SCRM SBOM cybersecurity solutions for all critical infrastructure operators, in accordance with President Biden’s July 28 Cybersecurity Memorandum, and across other industries, including Healthcare, Telecommunications, Finance, Insurance, Manufacturing, Public Utilities, non-Profits and Governmental agencies in addition to the Energy industry. REA applies “Secure by Design” principles in all of its software development, operations and business practices.

SAG-PM™ Version 1.1.3 makes it easier than ever for software consumers and vendors to get started with SBOM. Software consumers that want to get started using SBOM only need to ask their software vendors to supply an SBOM – that will get the ball rolling.

Never trust software, always verify and report! ™

Dick Brooks
Reliable Energy Analytics LLC
+1 978-696-1788
email us here