What’s better than a “Software Bill of Materials (SBOM)?”
RunGreen provides security analysts with an instant component inventory and “live” vulnerability reports for a given application. This component inventory is far superior to the “Software Bill of Materials” (SBOM) produced by traditional SCA vendors because RunGreen references actual software running in production. Unlike vulnerability reports generated by traditional SCA’s at earlier stages of the software development lifecycle, the live vulnerability report is based on automatic tracking of deployed libraries within every application instance in every data centre or cloud it is deployed to.
Notifications for detection and blocking can be broadcast to all stakeholders
When my enterprise is unable to eliminate all known application vulnerabilities, what effective options are left?
Enterprises often face scenarios that prevent them from eliminating known vulnerabilities. Sometimes, resolving a vulnerability involves a large scale upgrade that is not feasible for your enterprise to implement. Rungreen offers effective options in these scenarios. You can disable the library or specifically the suspicious method in the library to prevent any execution or invocation of its functionality (“blocking”) and be marked for
closer monitoring. Once blocked, any attempt by an adversary to invoke the library a notification is broadcast to operations and security team
