The Austin-based firm is partnering with Asc3nd Technologies Group to deploy its software supply chain risk management platform. Instead of relying solely on vendor-provided attestations, the service utilizes independent binary analysis to inspect compiled artifacts across firmware, operating systems, and containers. This approach seeks to provide a granular inventory of what is actually running in production environments, rather than what is documented on paper.
This shift arrives as federal agencies face mounting pressure from recent directives, including CISA Binding Operational Directive 26-04, which mandates risk-based prioritization for remediation. NetRise’s platform incorporates 'Provenance' intelligence to map components to their original maintainers and geographic regions, helping agencies assess the potential blast radius of compromised dependencies. The move also targets requirements set by recent executive orders regarding artificial intelligence and post-quantum cryptography, where identifying specific embedded cryptographic algorithms is becoming a critical compliance hurdle.
Thomas Pace, CEO of NetRise, argues that relying on questionnaires or isolated tools is no longer sufficient against modern threat actors. By integrating binary-derived evidence, the company aims to help agencies transition from simple compliance reporting to active, scalable risk management. The partnership with Asc3nd Technologies Group is designed to fold these capabilities into existing federal workflows, including continuous monitoring and incident response, ensuring that security teams can identify vulnerabilities that traditional source-based tools often miss.

Comments (0)
No comments yet. Be the first!