Riscosity, a software security startup, setting up its base in the San Francisco Bay Area announced today that it was launching publicly available services for enterprise and small to medium business markets. Riscosity’s offerings help companies close larger dollar value deals in much less time by providing security attestation for the company’s software to a potential client.
Fortune 10,000 businesses perform pre-purchase due diligence, which involves understanding and verifying 3rd party risk associated with a potential vendor. Riscosity automates this process and provides unrivaled visibility for the entire software supply chain for its customers. These accurate, automatically generated reports provide product security leaders with the information they need to determine if the building blocks of their revenue-generating software are satisfactory and up to today’s security standards. Furthermore, potential clients can complete 3rd party and 4th party risk analysis, prior to signing a vendor, within minutes instead of weeks.
What’s Lurking in Your Software Stack?
Riscosity, a software security company, launched publicly available services today to help enterprises discover, analyze, manage and secure the basic building blocks of their own revenue-generating software services. Riscosity helps businesses earn more revenue faster by cutting out the back and forth that companies experience when going through the process of pre-purchase security due diligence with prospective customers. Additionally, Riscosity’s software platform saves 130+ hours per quarter of manual cataloging, verification, and audits done by a combination of development, security, and audit teams.
The way software services are built have changed significantly in the last two decades. Software is built more like an appliance wherein the core intellectual property, also known as “the secret sauce”, acts like the glue which joins the most mundane building blocks of the software stack. As an example, companies – that specialize in helping customers understand spending habits – routinely use pre-packaged building blocks of software to send multi-factor authentication requests for security, send analytical data to heat-map services to understand user interaction patterns, and much more. These pre-packaged building blocks of software help launch the service faster, in a more economical fashion, and lets the business focus on its core competency. This is an example of standing on the shoulders of giants, and software reuse.
Riscosity’s CEO and Co-founder Anirban Banerjee says “Quick Enterprise purchase decisions are predicated on successful pre-purchase due diligence by the prospective client. With Riscosity, customers can expect to increase recognized revenue by 15% earlier than existing timelines, within 3 financial quarters of product deployment.”
Riscosity’s platform based offering, breaks down a piece of software into its 3rd party components, exposing all the details to the client. This is overlaid with risk information so companies can not only map out the entire software supply chain but also, quantify, audit, and resolve any issues that may interrupt the revenue generation pipeline. Riscosity benefits large enterprises as well as small to medium businesses who are looking to propel their revenue by selling to the Fortune 10,000 government and regulated agencies and security-conscious customers.
Recent regulatory guidance, as part of the Biden administration’s executive order 14028 has proposed a Software Bill Of Materials (SBOM) as a way for companies to make sure they know exactly what constitutes their own software services. This is critical to prevent attacks like the ones we have seen in 2021 beginning with Solarwinds, Kaseya, and, more recently, the Apache Log4j vulnerabilities. Firms that wish to sell to regulated and government organizations, should look towards making sure they can demonstrate a complete and effective understanding of their own software’s security posture. Riscosity’s offering is helping its clients present their best foot forward when closing deals with high-profile companies..
James Greene, Co-Founder and VP of Engineering says “There is nothing like this in the risk and security markets, period. This is the world’s first platform that provides visibility, control, auditability, and accountability in one single solution – without the hassle of managing thousands of agents over multiple vendors.”
Riscosity’s team consists of proven entrepreneurs with a strong security product and sales background. The team is funded by well-known Venture Capital groups in Silicon Valley and Pacific Northwest areas. Additionally, CEOs and CISOs of public and private companies back Riscosity as angel investors, rounding out a very strong team and product.
Riscosity is the only next-generation Software Composition Analysis player at this time. Traditional competitors in the space have focused only on solving thin slices of the problem; no overarching single platform exists to solve the needs of enterprises and small to medium businesses. To date, innovation has been stagnant in this specific area as products tend to only focus on code quality, license management, finding security vulnerabilities and logic errors – no focus has been targeted towards building a holistic mechanism that helps businesses understand the risks associated with using 3rd party building blocks and provide a way to uncover, keep track, and remediate the entire software supply chain.
Mahendra Ramsinghani, Founder of SecureOctane, one of the investors in Riscosity said “The world has changed, it is time to recognize that the velocity at which code morphs in enterprises is no longer in sync with manual audit processes run by SecOps. Individual tools versus a complete platform is a battle that cannot be won. We believe in the completeness of the vision that Riscosity is providing to customers. “
To understand more about the solution that Riscosity provides, please connect with the company’s representatives at https://www.riscosity.com and at +1-888-747-2674 (+1-888-RISCOSI)