NEC Corporation has developed a technology intended to strengthen the safety of supply chains by identifying vulnerabilities in software through the analysis of binary code from executable files, without the need for source code.
The technology enables the automation of a substantial part of static software analysis, which previously relied on expert operators, thereby reducing the analysis time by 40%.
Supply Chain Transformation
Digital transformation (DX) and globalization have contributed to the complexity and expansion of supply chains across industries, which is largely due to the increase in cyber threats which target vulnerabilities in operations.
NEC's newest technology will enhance its risk hunting service, wherein security experts evaluate a customer's software and system security risks, along with their potential impacts on the business.
Moreover, this technology analyzes binary code, the executable form of software, instead of source code. It also monitors software processes that use external data to identify suspicious implementations, including backdoors that could affect sensitive processes like command execution.
NEC plans to incorporate this technology into its risk hunting services by the end of the 2024 financial year. This technology is expected to strengthen safety inspections of software within the supply chain, which will ultimately contribute to the establishment of more secure systems and supply chain security.