BlackBerry Limited has introduced a new feature of BlackBerry® Jarvis®, the company’s software composition analysis tool, that enables those doing business with the U.S. Federal Government to comply with the recent software bill of materials (SBOM) requirement from President Biden’s Executive Order on Improving the Nation’s Cybersecurity.
Executive Order 14028 requires any vendor, supplier, or provider of technology solutions to the U.S. government to provide a full SBOM and demonstrate other cybersecurity management measures to ensure that any security vulnerabilities in the software supply chain of the nation’s critical infrastructure are identified and remediated immediately.
In response to the new standard, BlackBerry QNX has added a specific capability to BlackBerry Jarvis that enables users to efficiently generate a comprehensive SBOM report that follows the Software Package Data Exchange (SPDX®) report standard, one of the leading standards to support the U.S. government and other regulatory bodies. Available in early 2022, BlackBerry Jarvis will become one of the first software composition analysis tools to provide this key feature to embedded software developers whose products are used by the Federal Government.
“As multiple government and vertical-specific safety and security standards emerge, the need to have confidence in one’s codebase has taken on a new level of importance, particularly during a time in which multiple cybersecurity attacks have illustrated vulnerabilities present within the digital infrastructure of the U.S. Federal Government,” said Adam Boulton, Chief Technology Officer, BlackBerry Technology Solutions. “BlackBerry Jarvis enables embedded software developers to demonstrate compliance, track software quality metrics and continuously harden their system so that it becomes more resilient to increasingly cunning attacks.”