Platform

Leading Global Technology Provider Achieves Scalable Product Security Workflows with the NetRise Platform

Executive Summary: 

A common challenge for device manufacturers is the scalability of product security operations. Answering basic questions about which products contain specific software components, credentials, cryptographic material, and more is virtually impossible without a scalable, centralized solution for the analysis and aggregation of such data. Leveraging the NetRise Platform, a leading global technology provider, which has chosen to remain anonymous, drastically increased the breadth of products that undergo such analysis and successfully implemented a centralized solution to allow for real-time monitoring and querying of critical security information.

Client Overview: This leading global technology provider is renowned for its pioneering advancements in internet technologies, offering a broad range of products including networking hardware, software, and telecommunications equipment. The company plays a crucial role in ensuring the security and efficiency of digital infrastructures across various industries such as telecommunications, education, healthcare, and government. The company partnered with NetRise with the primary goal of enhancing the scalability and efficiency of their product security operations. They sought to implement a centralized solution capable of real-time monitoring and querying of critical security data, including software components, credentials, and cryptographic materials. This partnership aimed to expand the breadth of products undergoing security analysis and address vulnerabilities that existing tools could not detect, ultimately ensuring a higher level of security across the company’s extensive range of devices.

Challenges:

  • Inability to identify which product lines contained particular artifacts of interest such as cryptographic material (public keys, private keys, certificates), credentials, specific binaries and software components, misconfiguration issues, and more.
  • Lacking a solution capable of conducting analysis against a wide variety of formats with various operating systems, file system types, and numerous different compression algorithms in use.
  • No centralized solution to store analysis data and provide an interface to continuously monitor and rapidly query for artifacts of interest.

Solution and Implementation: The company and NetRise collaborated with internal security teams across multiple product lines and business units to implement a process to analyze all newly released products with the NetRise Platform and retroactively analyze recent versions of current products in use by customers, as well as legacy products that are still supported. NetRise rapidly implemented support for image formats that needed additional analysis capabilities built (custom extractors, file system and operating system support, etc.) to achieve a breadth of coverage that no other industry solution could provide. Leveraging the NetRise Platform API, the company integrated the NetRise Platform into their CI/CD process, ensuring coverage of all newly released products.

Results:

  • The company went from a limited capability to answer questions about security artifact prevalence across product lines to maintaining all of this data in a centralized location, allowing for rapid querying of such artifacts (less than 5 seconds) across hundreds of products.
  • Integration of the NetRise Platform into the CI/CD processes ensures that future releases of products are automatically in scope and will be analyzed and continuously monitored going forward.
  • The company identified numerous security-related artifacts to be removed from devices, increasing the overall security posture across multiple business units.

Testimonial: "The centralized and scalable solution provided by the NetRise Platform has transformed our product security workflows. We can now proactively manage and mitigate risks across a wide array of devices, enhancing our security posture significantly."

Conclusion: Product security teams need a centralized, scalable solution to automatically analyze device software and firmware to enable continuous monitoring and rapid querying of security artifacts from both a proactive and reactive (incident response) perspective. Security teams face a significant challenge in finding a solution that can analyze a wide variety of artifacts (operating systems, file system types, software package types, compression algorithms, etc.). The NetRise Platform is an industry-leading solution from both a breadth and depth of coverage perspective. Additionally, in cases where proprietary formats are in use, the NetRise Platform can be easily extended to support such formats. Integration of the NetRise Platform into CI/CD and build pipelines ensures a seamless process for analyzing newly released products.

Ready to See the NetRise Platform?

NetRise is an automated, cloud-based platform that provides comprehensive insight into the many risks present in firmware and software components.