ReversingLabs Delivers Most Comprehensive Support for CycloneDX xBOM

CAMBRIDGE, Mass., April 25, 2025 (GLOBE NEWSWIRE) -- ReversingLabs (RL), the trusted name in file and software security, today announced the launch of leading support for eXtended Bill of Materials (xBOM) capabilities with Spectra Assure™. Available now, these new features include the Cryptographic Bill of Materials (CBOM), Software-as-a-Service Bill of Materials (SaaSBOM), and Machine Learning Bill of Materials (ML-BOM), marking an industry first for fully compiled commercial software. This innovation provides both software producers and enterprise buyers with unprecedented visibility into the components, services, and risks hidden within today’s increasingly complex software ecosystems.

First-to-Market for Most Comprehensive Support for CycloneDX
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. CycloneDX is an international standard ratified by Ecma International as ECMA-424.

“CycloneDX elevates traditional SBOMs into a truly extensible, machine‑readable framework that captures critical supply chain metadata,” said Steve Springett, Chair of OWASP CycloneDX and Ecma TC54. “ReversingLabs Spectra Assure takes full advantage of these advanced specification features to deliver deep transparency and empower organizations to drive targeted risk reduction efforts.”

With the evolution of software supply chain security, traditional ingredient-only SBOMs lack context and do little to address emerging risks. The Spectra Assure SAFE report includes the most comprehensive SBOM and risk assessment of an application to identify malware, tampering, suspicious behaviors, and more. With expanded xBOM support, Spectra Assure now offers comprehensive inventories with actionable security assessments for cryptographic assets, SaaS dependencies, and machine learning models. Producers are further empowered with the ability to edit SBOM components and declare SaaS services and ML models. The ability to go beyond the SBOM is critical as businesses increasingly face challenges such as quantum computing threats, interconnected cloud services, and AI-driven vulnerabilities.

The new xBOM capabilities include the CBOM, ML-BOM, SaaSBOM, and the ability to declare and edit xBOM data.

“ReversingLabs is proud to lead the charge in redefining software transparency with our xBOM capabilities,” said Tomislav Peričin, Chief Software Architect and co-founder at RL. “By offering an unparalleled view into cryptographic assets, SaaS dependencies, and machine learning models, we empower our customers with the visibility and context to build and buy software with confidence.”

Prepares Businesses for AI and Quantum Computing Threats
As software becomes more intelligent and interconnected, organizations must go beyond traditional SBOMs to meet escalating transparency demands. The xBOM capabilities offered by Spectra Assure enable businesses to:

  • Prepare for Quantum Computing Threats: CBOM provides insight into cryptographic assets that could be exploited by quantum computing advancements.
  • Understand SaaS Dependencies: SaaSBOM ensures visibility into external services that software relies on, reducing risks from third-party integrations.
  • Gain AI Supply Chain Visibility: ML-BOM identifies potentially malicious open-source models before they can be integrated into your products or deployed into your organization.

Enables Regulatory Compliance
Support for these new xBOM capabilities will help both software producers and their enterprise buyers adhere to increasingly strict compliance mandates. These include:

  • NIST AI Risk Management Framework (AI RMF): ML-BOM helps assess, manage, and mitigate risks throughout the AI lifecycle.
  • EU AI Act: ML-BOM enables compliance with strict risk-based obligations for AI systems in high-impact sectors.
  • ISO/IEC 42001: ML-BOM helps with the first international standard for AI management systems, covering governance, transparency, and operational controls.
  • NIST 1800 38b: CBOM facilitates post-quantum readiness through cryptographic discovery.
  • EU Digital Operational Resilience Act (DORA): Enables proprietary software from ICT third-party service providers to be properly analyzed prior to deployment.
  • EU Cyber Resilience Act (CRA): Enables software manufacturers to generate the most comprehensive SBOM/xBOM.

Replaces the Inherent Trust Model and Manual Questionnaires
Traditionally, enterprise buyers have been relatively powerless when it comes to software supply chain security. Despite the fact that it is their responsibility to ensure the security of the software they bring into their organization, they have lacked any real control mechanism. Instead, they have relied on an inherent trust model that leans on security questionnaires and incomplete visibility into software components, associated services, and now AI, ML, and cryptographic components.

With Spectra Assure, they can source this information without relying on their vendor. The Spectra Assure SAFE report provides a complete xBOM along with any critical risks - without the need for source code.

Eliminates Friction of Software Supply Chain Security and Acquisition
The lack of transparency into software components and risk slows the purchase and deployment of software, impacting both software producers and buyers.

“Our xBOM support represents a new dimension of transparency for software. With xBOM, publishers can declare, and consumers can verify, software safety claims. This is a game changer for the software industry,” continued Peričin. “As a software vendor, I’m all too familiar with questionnaires and spreadsheets requested by security and procurement teams, which provide no real visibility into the real risk of an application. xBOM support expands Spectra Assure’s ability to quickly provide all the critical analysis and insights, eliminating the need for filling out questionnaires and time-consuming back and forth.”

Additional Information
For more information about the new xBOM capabilities in ReversingLabs Spectra Assure click here, schedule a demo, attend our webinar Beyond the SBOM: Welcome CycloneDX xBOM or meet with us at RSAC 2025, April 28 - May 1, 2025, San Francisco, Moscone Center, Booth N-4428.

About ReversingLabs
ReversingLabs is the trusted name in file and software security. We provide the modern cybersecurity platform to verify and deliver safe binaries. Trusted by the Fortune 500 and leading cybersecurity vendors, RL Spectra Core powers the software supply chain and file security insights, tracking over 422 billion searchable files with the ability to deconstruct full software binaries in seconds to minutes. Only ReversingLabs provides that final exam to determine whether a single file or full software binary presents a risk to your organization and your customers.

Media Contact
Doug Fraim
Guyer Group
Doug@Guyergroup.com

