Enlil, Interlynk to develop integrated cybersecurity solution for medical device manufacturers

Enlil, Inc., a unified product lifecycle traceability platform for medical device innovators, announced a strategic partnership with Interlynk, Inc., an enterprise product security platform specializing in software and artificial intelligence (AI) supply chain cybersecurity. Together, they're delivering an integrated solution that embeds cybersecurity compliance and traceability for Software-as-a-Medical Device (SaMD) developers and medical device manufacturers.

As regulators raise the bar on cybersecurity transparency and post-market risk management, medical device teams face a growing challenge: an accurate Software Bill of Materials (SBOM) is foundational, but it is only the starting point.

Enlil and Interlynk integrated platforms enable MedTech leaders to meet FDA cybersecurity compliance and traceability.

What's missing is continuous insight into software vulnerabilities, threat exposure, AI model integrity, and validation of readiness across the product lifecycle. The Enlil–Interlynk partnership directly addresses this gap.

Why this partnership matters now

Cybersecurity is now central to patient safety and market success. FDA Refuse to Accept (RTA) policies, EU MDR expectations, and regulatory initiatives increasingly demand manufacturers demonstrate software transparency and continuous cybersecurity risk management throughout their products' lifecycle.

SBOMs, comprehensive lists of software components, are essential, but without automated monitoring, clear context, and connection to the product lifecycle, they risk becoming static artifacts rather than useful tools for day-to-day operations.

"SBOMs shouldn't live as static documents created just to pass a submission gate," says Surendra Pathak, CEO of Interlynk. "By partnering with Enlil, we're turning SBOMs into living, actionable intelligence, helping device teams continuously understand risk, respond faster, and stand up to regulatory scrutiny throughout the product lifecycle."

A unified approach to cybersecurity, quality, and regulatory readiness

Through this partnership, Enlil's cloud-native product lifecycle and traceability platform integrates with Interlynk's SBOM-, VEX-, and AI-BOM-powered cybersecurity solutions, giving MedTech teams a single, connected view of:

• The software and AI components built into the product.
• The vulnerabilities and exposures that matter.
• How risks are assessed, mitigated, validated, and documented.
• How evidence remains continuously audit-ready.
• Identified open-source components (publicly available software) and their dependencies, posing a risk to the overall product.
• The software product revisions impacted by threats and vulnerabilities, and downstream manufacturing lots and shipments that are affected.

For SaMD and AI-enabled medical devices, the integrated solution also supports emerging FDA expectations around training data provenance, data integrity, and AI model supply chain security.

This includes traceability of training, validation, and test datasets; protection against unauthorized modification or data poisoning; and version-controlled, cryptographically verifiable AI models treated as regulated software artifacts.

With Interlynk's AI Bill of Materials (AIBOM, a list of all components in an AI solution), teams can track AI models, datasets (collections of related data), and dependencies using the same SBOM-driven infrastructure, extending cybersecurity and regulatory rigor seamlessly into AI-powered systems.

The integrated solution delivers a shift-left approach to cybersecurity, enabling executive teams to proactively embed security, quality, and compliance from early development to post-market. When issues arise, leadership will have the tools for rapid containment, focused remediation, and immediate control over impacted assets.

"For modern medical devices, software risk is product risk," says Charu Roy, chief product officer at Enlil. "This partnership brings cybersecurity directly into the product lifecycle, so teams can manage software and AI risk with the same rigor as quality and regulatory requirements, from design through post-market."

Key benefits for SaMD and software-driven medical devices

• Cybersecurity built in – not bolted on: Embed SBOM, AIBOM, and vulnerability intelligence early to reduce remediation and regulatory challenges.
• Automated, living bills of materials: Generate and maintain machine-readable SBOMs and AIBOMs using industry formats such as CycloneDX and SPDX. These documents provide ongoing monitoring and actionable context for software and AI components.
• End-to-end traceability: Link cybersecurity risks, mitigation efforts, verification activities, and regulatory evidence directly within Enlil's unified single source for tracking all product data.
• Always-on regulatory readiness: Stay aligned with evolving FDA cybersecurity guidance and global requirements through structured workflows, audit trails, and real-time visibility.