Making the Case for Software Behavior Transparency
Ben Higgins
June 21, 2021
On May 12, 2021, the Biden Administration announced an executive order aimed at strengthening the cybersecurity of government and public sector programs. The executive order came in the wake of several major recent incidents, including the SolarWinds, Microsoft Exchange Server, and Pulse Secure CVEs, which impacted numerous federal agencies as well as private sector companies.
One primary focus of the cyber order is to improve the security of the software supply chain. Specifically, it will require vendors to provide a software bill of materials (SBOM)—a list of all third-party and open-source components used to build their software—in order to work with federal agencies.
While the SBOM would make it easier and faster for federal agencies to determine whether one of these dependent components subjects them to a vulnerability, it's not enough.
Faster incident response, however, does little to protect against or prevent compromise within the supply chain. We need to take it one step further and be able to show when software within the supply chain is at risk of attack.
We believe that we also need software behavior transparency.
A behavior transparency framework allows companies within the supply chain to detail the expected actions that the software will take on a device or on the network. This will help security analysts to develop a baseline of expected behavior and distinguish between expected noise and indications of compromise. In turn, it will give security teams an advantage in identifying exploitation of unknown vulnerabilities in any proprietary or open-source software.
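As an added illustration (not code from the post or its author), here is how a security team might compare observed host and network events against such a declared baseline. The manifest, the event records, and every hostname and path in them are constructed placeholders; the manifest format itself is a hypothetical one, not a published standard.

```python
"""Check observed endpoint/network events against a vendor-declared behavior
manifest. Constructed example: the manifest, events, hosts and paths are made up."""
from fnmatch import fnmatch

# Hypothetical manifest a vendor could publish alongside its SBOM: the actions
# the software is expected to take on a device and on the network.
MANIFEST = {
    "network": [("updates.example-vendor.test", 443)],   # allowed (host, port)
    "write_paths": ["/var/lib/example-agent/*", "/var/log/example-agent/*"],
    "child_processes": ["/usr/bin/gzip"],
}

# Constructed observed events, of the kind an EDR or audit log would record.
OBSERVED = [
    {"type": "network", "host": "updates.example-vendor.test", "port": 443},
    {"type": "write", "path": "/var/lib/example-agent/state.db"},
    {"type": "exec", "path": "/usr/bin/gzip"},
    {"type": "network", "host": "203.0.113.50", "port": 8443},   # not declared
    {"type": "exec", "path": "/bin/sh"},                          # not declared
    {"type": "write", "path": "/etc/cron.d/agent"},               # not declared
]


def _declared(event, manifest):
    """True if the event falls within the behavior the manifest declares."""
    if event["type"] == "network":
        return (event["host"], event["port"]) in manifest["network"]
    if event["type"] == "write":
        return any(fnmatch(event["path"], p) for p in manifest["write_paths"])
    if event["type"] == "exec":
        return event["path"] in manifest["child_processes"]
    return False  # an event type the manifest never describes is never baseline


def deviations(events, manifest):
    """Return the events outside the declared baseline. Each one is either a
    candidate indicator of compromise or a gap in the vendor's manifest."""
    return [e for e in events if not _declared(e, manifest)]


if __name__ == "__main__":
    for e in deviations(OBSERVED, MANIFEST):
        print("undeclared behavior:", e)
```

Declared events produce no alerts, so analysts can treat the manifest as the "expected noise" and spend their time on the remainder.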
Interested in learning more? Read my TechCrunch Op-Ed.