BlackBerry has launched BlackBerry Jarvis 2.0, the latest edition of the company’s flagship software composition analysis tool.
BlackBerry Jarvis 2.0 introduces a SaaS version of the original Jarvis capabilities that provide developers and integrators a more user-friendly, focused feature set around the three most important areas that those building mission-critical applications need to validate to ensure the quality of their multi-tiered software supply chain: Open-source Software (OSS), Common Vulnerabilities and Exposures (CVE) and Software Bill of Materials (SBOM) management.
The online end user dashboard of the tool has also been enhanced with specific cautions and advisory flags, empowering teams to keep software secure from all known issues based on the actionable intelligence BlackBerry Jarvis 2.0 provides
BlackBerry Jarvis 2.0 addresses the need to identify and remediate vulnerabilities by identifying them, then providing deep actionable insights in minutes – something that would otherwise involve manually scanning that would take large numbers of experts and an impractical amount of time.
Designed to address the increasing complexity and growing cybersecurity threats among multi-tiered software supply chains within the medical, automotive and aerospace industries, BlackBerry Jarvis 2.0 empowers OEMs to inspect the provenance of their code and every single software asset that comes into their overall supply chains to ensure their products are both secure and updated with the most recent security patches.
When building software for a modern automobile, that’s far easier said than done, with more than 150,000 publicly disclosed vulnerabilities as of mid-July 2021. A complex piece of software for a vehicle infotainment system may contain hundreds of third-party software modules. Failure to check and update each piece of software provides openings for hackers to potentially exploit those vulnerabilities.
“A number of cybersecurity regulatory changes and standards such as UNECE WP.29 and SBOM are on the horizon, which will empower authorities to levy fines against non-compliance or shut down operations completely.
So the time for OEMs to get a handle on their entire code base is now,” said Adam Boulton, Chief Technology Officer, BlackBerry Technology Solutions.
“Don’t sit idly by and wait for a bad actor to exploit a vulnerability that could have far reaching consequences. With the release of BlackBerry Jarvis 2.0, embedded software developers and integrators have an intuitive and reliable software composition analysis tool to help them meet their cybersecurity goals with efficiency and confidence.”