NetRise, the leader in software supply chain security — helping companies inventory software assets and identify and respond to software risk — announced a $10M growth funding led by DNX Ventures with participation by existing investors Miramar Digital Ventures, Sorenson Capital, Squadra Ventures, and Talons Ventures. This investment round brings the company’s total funding to $24.8 million and accelerates NetRise’s mission to address the critical security gap in detecting and responding to software supply chain risk.
The NetRise Platform is a category-redefining solution that creates a software asset inventory, which is critical to manage organizational risk. Designed for those who build, buy, use, and maintain software across a variety of devices, NetRise generates a robust software bill of materials (SBOM), analyzing compiled code and firmware to deliver unprecedented visibility into software supply chain risk.
“Clarity of purpose, top caliber team, and relentless focused execution carry the day. More and more, depending on vendors, software libraries, and compiled code is the norm, and hackers know it,” said John Stewart, President, Talons Ventures, former Cisco Chief Security and Trust Officer. “NetRise’s focus on identifying weaknesses and vulnerabilities within compiled code brings the critical needed insight into embedded and firmware-based systems. This is the company, this is the team.”
Also Read: Uniserve partners with Logistics Reply to transform its customers’ supply chains
The world today relies on software, and not always in obvious ways. According to Porsche AG, a modern car runs on 100 million lines of code, whereas a Boeing 787 dreamliner runs on only 14 million. When automobiles connect to fleet networks, they increase an organization’s attack surface. The use of open-source and other third-party code likewise exacerbates the risk. In its 2024 Data Breach Investigation Report, Verizon introduces a new metric to track “the growth of exploitation of vulnerabilities and software supply chain attacks,” noting that they “calculated a supply chain interconnection influence in 15% of the breaches [they] saw, a significant growth from 9% last year.”
While many assume the software that runs the devices they purchase is secure and free from vulnerabilities, high-profile software supply chain breaches have proven otherwise. Recent examples include exploitation of a vulnerability reported in 2024 in TP-Link Routers and custom backdoors installed by hackers on Juniper routers.
“Every organization understands the value of an asset inventory, this is why it is critical security control #1, yet no one has a software asset inventory, even though it is critical security control #2,” said Thomas Pace, co-founder & CEO of NetRise. “The reason for this is that organizations have not had a way to build this software inventory from the ground up on their own, until now. This enables multiple teams within an organization to leverage this new data set: third party risk, incident response, vulnerability management, application security, and the SOC.”
With this investment round, NetRise will continue to help organizations evolve their security approach to enhance visibility and protection through proactive and continuous monitoring of software components, including firmware, to identify and address threats.
Key benefits include:
- Enhanced security: Organizations can reduce the impact and risk of cyberattacks by proactively identifying and mitigating vulnerabilities in their software supply chains.
- Improved compliance: Device manufacturers increase customer trust by demonstrating compliance with industry regulations, while enterprises receive detailed information about third-party software, including license compliance.
- Increased operational efficiency: Customers gain visibility into vulnerabilities that are most likely to be exploited, enabling them to prioritize remediation and mitigation.
“NetRise has quickly established itself as the leader in managing software supply chain risk for device manufacturers and enterprise organizations,” said Rio Maeda, Managing Partner, DNX Ventures. “Software supply chain security presents a unique set of challenges that too many organizations struggle with, and until now, the industry lacked an effective solution. Tom and his team’s goal is to address these shortcomings by focusing on firmware and software components. Our continued investment in them underscores our belief in the NetRise team, their innovative capabilities, and their commitment to bring automated, scalable firmware analysis to the masses.”
SOURCE: PRNewswire