Product security leader partners with leading supply chain evidence and visibility organization to accelerate the transparent collaboration of risk analysis and SBOM sharing between device manufacturers and asset owners that is needed to secure the software supply chain.

COLUMBUS, Ohio & SANTA CLARA, Calif. — October 31. 2022 —  Finite State, the leader in product and supply chain security, and RKVST announce a partnership to bring together Finite State's industry-leading product security automation with RKVST's zero trust-based supply chain evidence platform. The partnership will focus on bringing visibility to a major market need: collaboration between device manufacturers and asset owners to secure the software supply chain.

With the number of IoT and OT devices expected to surpass 25 billion by the end of this year, product security risks across the software supply chain threaten the embedded systems that form the foundation of our critical infrastructure, medical devices, and connected vehicles.

The Finite State Partnership Program advances our mission of enabling product security teams and asset owners to better protect these connected devices. The program offers strategic product supply chain security partners a way to team up with other connected device security approaches and comprehensively discover, assess, prioritize, remediate, and respond to vulnerabilities, weaknesses, and other threats.

Device manufacturers and asset owners recognize the need to empower their product security and risk management teams to continuously and accurately respond to emerging connected-device threats. The Finite State-RKVST partnership combines the deep expertise and innovation of two industry leaders in product and supply chain security, binary software composition and analysis (SCA), vulnerability and threat intelligence, and zero trust architecture in an alliance that provides provenance, governance, and immutability of shared data in order to secure the software supply chain.

"As the software supply chain continues to emerge as a highly targeted attack surface, it is essential for OT and IoT to innovate and evolve operationally to deliver software transparency to validate the security state of components continuously," said Tom Bain, EVP, Marketing, Finite State. "In partnering with RKVST, we are blending a zero-trust approach with a binary-based, deep-dive validation of IoT and OT software and firmware to deliver a best-in-class approach to the market that's predicated on providing unparalleled visibility to reduce supply chain risk at-scale."

“The RKVST evidence platform delivers a reliable chain of custody for supply chain data. It provides continuous visibility of data across supply chains and supply chain partners, proves and verifies who did what when to any physical or digital asset, automates workflows and provides auditable evidence you can rely on for critical decision making,” said Rob Brown, VP Business Development, RKVST. “The partnership with Finite State enables people to easily automate the exchange of OT and IoT cybersecurity evidence at scale and use that information to make reliable decisions.”

To learn more about the Finite State Partnership Program, please visit our Partnership Information page at https://finitestate.io/partners.

About Finite State

Finite State empowers organizations to gain control of product security for their connected devices and supply chains. Across the software supply chain lifecycle, Finite State is the single pane of glass for customers that provides continuous visibility into product supply chain risk.

Backed by a team of seasoned experts, our automated product security platform arms our customers with the actionable insights, critical vulnerability data, and remediation guidance necessary to mitigate product risk and protect the connected attack surface. For more information, visit www.finitestate.io.

About RKVST

RKVST enables organizations to build evidence trails for trustworthy digital supply chains. Whether you're tracking nuclear waste, relying on data from connected devices or using software bills of materials (SBOMs), RKVST turns that data into evidence you can rely on, no matter where it came from, without the frustration, time wasting and uncertainty of manual data verification. The RKVST platform allows supply chain partners to track and share evidence about assets and data and verify they are safe to use. Underpinned by distributed ledger technology, RKVST integrates easily with existing software and zero trust security systems, delivering cost and risk reductions, and allowing you to move faster and improve resiliency in your business operations. To learn more, visit RKVST.com.

“As the software supply chain continues to emerge as a highly targeted attack surface, it is essential for OT and IoT to innovate and evolve operationally to deliver software transparency to validate the security state of components continuously.” 

Tom Bain, EVP, Marketing
Finite State