At RSAC, NetRise CEO Tom Pace sat down with Booz Allen Hamilton for a direct conversation about one of the most dangerous misconceptions in software supply chain security, and what organizations need to do right now to close the gap.

Recent supply chain incidents involving widely trusted and widely deployed tools such as Trivy and LiteLLM have made one thing clear: attackers are no longer waiting at the perimeter. They are moving upstream, planting risk inside the software supply chain before a product ever reaches production. The industry has spent years preaching "shift left," but Tom delivers a harder truth: if a compromised component is already in your deployed environments, shifting left will not save you. You also need to shift right and find what is already running in production.

The problem is that source code analysis tools cannot do that. They tell you what developers intended to ship. They cannot tell you what is actually running across your firmware, containers, and compiled binaries in the field. That is the visibility gap attackers are exploiting, and one that most enterprise security programs are still blind to.

NetRise was built to close that gap. Through binary composition analysis, NetRise analyzes compiled code, with no source code required, to surface vulnerabilities, hard-coded secrets, misconfigurations, exposed cryptographic keys, and risky components hiding in the final built artifacts your organization depends on. NetRise generates binary-derived SBOMs that reflect what is truly in your software, not just what was declared. The practical check that falls out of this: diff the binary-derived SBOM against the declared one, because every undeclared component or version mismatch is a blind spot no source-level scan would have caught.

Understanding your software supply chain risk is no longer just a development problem. It is an operational imperative.

🔗 Learn more at netrise.io
📅 Book a demo: netrise.io/demo

#SoftwareSupplyChain #BinaryAnalysis #SBOM #CyberSecurity #RSAC #NetRise #FirmwareSecurity #VulnerabilityManagement #SupplyChainSecurity #ZeroTrust
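To make the "declared versus actually shipped" gap concrete, here is a small added example (not NetRise's code and not from the conversation) in Python. It pulls printable strings out of a constructed byte blob standing in for a firmware image, recognizes version banners of a few well-known components, diffs that against a hypothetical declared SBOM, and flags hard-coded secret markers. The blob, the declared SBOM, and the banner and secret patterns are all assumptions made for illustration; the AWS key ID is the placeholder from AWS documentation, not a real credential.

```python
import re

# Constructed stand-in for a compiled artifact (firmware image or container layer).
# Real images are far larger, but the same string-level logic applies.
SAMPLE_BINARY = (
    b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 24
    + b"OpenSSL 1.0.2u  20 Dec 2019\x00"        # older than what the SBOM declares
    + b"\x90\x90\xcc\xcc"
    + b"zlib version 1.2.11\x00"                # matches the declared SBOM
    + b"\x00\x00"
    + b"-----BEGIN RSA PRIVATE KEY-----\x00"    # embedded key material marker
    + b"AKIAIOSFODNN7EXAMPLE\x00"               # AWS docs example key ID, not real
    + b"\x00"
    + b"busybox v1.31.1\x00"                    # present in the binary, absent from SBOM
)

# Hypothetical declared (source- or manifest-derived) SBOM: component -> version.
DECLARED_SBOM = {"openssl": "1.1.1w", "zlib": "1.2.11"}

# Version banners that common components leave in their compiled output.
BANNERS = [
    (re.compile(rb"OpenSSL (\d+\.\d+\.\d+[a-z]?)"), "openssl"),
    (re.compile(rb"zlib version (\d+\.\d+\.\d+)"), "zlib"),
    (re.compile(rb"busybox v(\d+\.\d+\.\d+)"), "busybox"),
]

# Patterns for secrets that should never be baked into a shipped artifact.
SECRET_PATTERNS = [
    (re.compile(rb"-----BEGIN [A-Z ]*PRIVATE KEY-----"), "private-key"),
    (re.compile(rb"\bAKIA[0-9A-Z]{16}\b"), "aws-access-key-id"),
]


def extract_strings(blob, min_len=4):
    """Return runs of printable ASCII of at least min_len bytes (like `strings`)."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group() for m in re.finditer(pattern, blob)]


def binary_sbom(blob):
    """Derive component -> version from banners found in the binary itself."""
    found = {}
    for s in extract_strings(blob):
        for rx, name in BANNERS:
            m = rx.search(s)
            if m:
                found[name] = m.group(1).decode("ascii")
    return found


def find_secrets(blob):
    """Return (kind, byte offset) for every secret marker, ordered by offset."""
    hits = []
    for rx, kind in SECRET_PATTERNS:
        for m in rx.finditer(blob):
            hits.append((kind, m.start()))
    return sorted(hits, key=lambda h: h[1])


def diff_sbom(declared, observed):
    """Compare what was declared with what the binary actually contains."""
    undeclared = {n: v for n, v in observed.items() if n not in declared}
    mismatch = {
        n: (declared[n], observed[n])
        for n in declared
        if n in observed and declared[n] != observed[n]
    }
    not_found = sorted(n for n in declared if n not in observed)
    return {"undeclared": undeclared, "version_mismatch": mismatch, "not_found": not_found}


if __name__ == "__main__":
    observed = binary_sbom(SAMPLE_BINARY)
    print("binary-derived SBOM:", observed)
    print("diff vs declared:  ", diff_sbom(DECLARED_SBOM, observed))
    print("secrets:           ", find_secrets(SAMPLE_BINARY))
```

On the constructed blob this reports busybox as undeclared, OpenSSL as a version mismatch between the declared 1.1.1w and the shipped 1.0.2u, and two secret markers at their byte offsets. Banner matching is a deliberately simple proxy for real composition analysis, which also uses symbol tables, file hashes, and package metadata; the point is that every finding here comes from the compiled artifact, not from source or a manifest.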