CREDIT: ICS
ICS, provider of embedded software development for regulated industries, launched SBOMGuard, a new Software Bill of Materials (SBOM) analysis and vulnerability management tool built specifically for medical device manufacturers. SBOMGuard helps manage hidden risks in a software stack and simplifies FDA postmarket compliance with an easy-to-use browser-based workflow.
“Medical device manufacturers face unique challenges when it comes to cybersecurity and compliance,” says ICS CEO Peter Winston. “SBOMGuard gives them the visibility and tools they need to manage risk across the entire software lifecycle – fast, smart, and in full alignment with FDA postmarket requirements.”
How SBOMGuard Works
SBOMGuard imports an SPDX-formatted SBOM and performs an automated scan of vulnerabilities using the NIST National Vulnerability Database (NVD). CVEs (Common Vulnerabilities and Exposures) are stored and versioned, with a record of status and justifications. With automated report generation and built-in differential analysis, SBOMGuard helps medtech firms maintain compliance with regulatory requirements and stay ahead of emerging security threats.
Key SBOMGuard features include:
- Cloud-native accessibility: Browser-based cloud service with multi-user access
- Regulatory readiness: Central part of compliance to FDA cybersecurity requirements for medical devices
- Efficient workflows: Vulnerability workflow management designed for periodic updates
- Enhanced insight: Supports NVD rescans and management by differential analysis
- Format-flexible: Utilizes common formats, such as VEX, Cyclone DX and SPDX
“SBOMGuard empowers medtech companies to take control of their software supply chains and streamline cybersecurity readiness in an industry where speed, safety, and regulatory alignment are mission-critical,” says Milton Yarberry, ICS’ director of Medical Programs.