Vigiles Processes Over 90,000 SBOMs, Reducing False Positive CVEs by 95%, Helping Customers Secure Critical Systems Across Key Industries and Prevent Costly Threats

SAN JOSE, Calif., Nov. 19, 2024 /PRNewswire/ — Lynx Software Technologies, Inc. (“Lynx”), a leader in foundational, open-architecture software solutions for the Mission-Critical Edge, today announced significant market traction for its Timesys Vigiles™ vulnerability and Software Bill of Materials (SBOM) management suite. Launched in 2019, Vigiles has achieved widespread adoption across critical industries, including the automotive, industrial and medical sectors, establishing itself as a premier tool for securing mission-critical systems and reducing cybersecurity risks.

The nature of the dynamic cybersecurity landscape means there will always be a need for effective vulnerability and SBOM lifecycle management solutions. Vigiles has addressed this need by processing over 90,000 SBOMs across key ecosystems including  Yocto, Buildroot and Timesys Factory. Vigiles enables users to adhere to industry standards by supporting both import formats (CSV, XML, JSON) and export formats (CycloneDX, SPDX), making it easier for organizations to manage security requirements on time and within budget.

Another factor compounding the need for advanced tools is the surge in Common Vulnerabilities and Exposures (CVEs). As of mid-2024, reported CVEs have increased by more than 30% compared to the same period in 2023, costing organizations critical time and resources to manage effectively. By eliminating approximately 85% of false-positive CVEs and reducing customer workload analysis by 95%, Vigiles empowers teams to focus on the vulnerabilities that matter, ultimately supporting faster time-to-market with secure, resilient products.

Supply Chain Security Impact

Supply chain disruptions in mission-critical industries can have devastating financial impacts, ranging from $100,000 to over $1 million per day, according to recent research from Deloitte. Vigiles can prevent up to 70% of incidents caused by software vulnerabilities, supporting OEMs and device manufacturers in managing vulnerabilities across the entire product lifecycle.

Key features and benefits of Timesys Vigiles™ for SBOM management include:

Widespread Adoption: Vigiles has processed over 90,000 SBOMs for thousands of users across various industries.Active Monitoring: Users have generated over 102,000 reports and initiated over 62,000 rescans, demonstrating Vigiles’ critical role in continuous security.Ecosystem Compatibility: Vigiles supports 67% of embedded development platforms, providing extensive compatibility with languages such as C/C++, RUST, Python and RunSafe Code (TM)Industry Certification: Vigiles has recently achieved ARM PSA Certification, validating its alignment with Platform Security Architecture (PSA) best practices.Cost and Time Efficiency: Vigiles’ automation and filtering capabilities reduce manual security tasks by 90%, with potential annual savings of up to $48,000 a year per SBOM.

Customer Success Stories

Timesys Vigiles™ has secured the trust of industry leaders, enhancing the resilience of embedded systems globally.

Lineo Solutions: President and CEO Akira Kobayashi praised Vigiles’ automation applications, stating, “With Vigiles, Timesys is delivering a breakthrough in the automation of vulnerability identification, tracking, analysis and mitigation.”

RunSafe Security: CTO of RunSafe Security Doug Britton emphasized the value of the collaboration, “Combining RunSafe’s advanced memory protection with Vigiles’ comprehensive vulnerability monitoring delivers a powerful security solution for embedded systems. This partnership enables developers to address security vulnerabilities proactively while minimizing downtime and performance impacts, ensuring that systems remain secure and resilient in the face of evolving threats. With the addition of Vigiles On-Prem, organizations and developers alike can be confident that their data remains secure.”

GE Healthcare: Chief Technology Officer of Diagnostic Cardiology, Roshy J. Francis leverages Vigiles for long-term maintenance of their custom Yocto Linux operating systems, stating,  “We chose to partner with Timesys in the development of our new portfolio of medical devices to ensure that they stay secure throughout their lifecycle.”

“The strong uptake of Vigiles across commercial industries demonstrates the critical need for automated, embedded-optimized vulnerability management at the edge,” said Atul Bansal, Lynx vice president of open-source business development. “As cybersecurity becomes a key product differentiator, Vigiles empowers our customers to bring more secure products to market faster while maintaining security at every stage of development.”

For more information about Vigiles, please visit www.timesys.com/vigiles.

About Lynx Software Technologies

Lynx Software Technologies, an OceanSound Partners portfolio company, is on a mission to improve the economics of developing, deploying and maintaining high-assurance Mission Critical Edge platforms with modular software solutions based on open standards. Our proven technology leadership, extensive system certification expertise and commitment to open standards have consistently saved our customers millions of dollars in development costs while delivering desired system performance, security and reliability on schedule. Lynx is committed to enabling customers to build and manage orchestrated, cloud-connected platforms that harness a broad array of modern technologies and unique design methodologies to enable accurate, deterministic decisions at the Mission Critical Edge without compromising safety or cybersecurity requirements. For more information, visit www.lynx.com.

About Timesys

Timesys, a subsidiary of Lynx Software Technologies, is a global provider of embedded, open-source security solutions. Through comprehensive tools like Vigiles, Timesys supports organizations in maintaining security and compliance at every stage of the software lifecycle, helping them bring safe, efficient products to market.

For further information about Vigiles, please visit www.timesys.com/vigiles.

For Lynx
Stephanie Dallman
+1 (616) 581-0117
sdallman@lynx.com

View original content to download multimedia:https://www.prnewswire.com/news-releases/lynx-software-technologies-sees-growing-demand-for-timesys-vigiles-as-a-leading-sbom-lifecycle-and-vulnerability-management-tool-for-edge-applications-302309349.html

SOURCE Lynx Software Technologies

CHANHASSEN, Minn., Nov. 19, 2024 /PRNewswire/ — IWCO, a leader in data-driven direct mail solutions, is excited to announce its critical communications division, Mail-Gard®, has entered a strategic partnership with a major healthcare provider. This collaboration underscores IWCO’s position as a trusted direct marketing partner in critical communications business continuity, disaster recovery, and print-to-mail outsourcing services.

In response to the growing demand for robust disaster solutions, IWCO is making significant investments in advanced print-to-mail equipment, enhancing Mail-Gard’s ability to provide seamless business recovery services. This enhancement highlights IWCO’s commitment to delivering secure, state-of-the-art critical communications solutions that meet the unique needs of highly regulated industries.

“Our partnership with this leading healthcare provider and our ongoing investments in new technology represent IWCO’s dedication to supporting client resilience and operational restoration,” said Ken McDonald, Chief Production Officer at IWCO. “With Mail-Gard, our clients can be confident in their partnership with IWCO to support their most critical communication needs.”

Mail-Gard, a pioneer in print-to-mail disaster recovery services since 1996, supports Fortune 1000 companies and government entities with unmatched print-to-mail services. With a 100% success rate for declaration support, Mail-Gard safeguards vital mailings against natural disasters, operational disruptions, and other unforeseen events. IWCO is committed to delivering personalized, data-driven direct mail solutions that drive client success and uphold business continuity.

About IWCO
IWCO is a leading provider of data-driven performance marketing services that has served the direct marketing industry for more than 50 years, transforming direct mail for better results.  From data and analytics to hyper-personalization and mail optimization, IWCO leverages in-house expertise and leading-edge technology to deliver direct mail campaigns that drive customer acquisition and maximize Return on Marketing Investment (ROMI). To access the latest insights on the power of direct marketing, visit www.iwco.com. Instant Web, LLC (dba “IWCO”) is a privately held Delaware corporation. Cerberus Capital Management and related entities control 100% of Instant Web, LLC.

View original content to download multimedia:https://www.prnewswire.com/news-releases/iwco-expands-capabilities-with-new-partnership-and-investments-in-mail-gard-division-302309421.html

SOURCE IWCO

Most developers (85%) and security teams (75%) have security concerns over relying on GenAI to develop software.

BOSTON, Nov. 19, 2024 /PRNewswire/ — Legit Security, the definitive application security posture management (ASPM) leader providing end-to-end visibility and protection across the entire software factory, today announced the release of a new survey report, “Use and Security of GenAI in Software Development.” Capturing the perspectives of security and development professionals to uncover concerns about the visibility into and approaches to managing GenAI, the report’s findings revealed that both teams face critical security challenges when using GenAI in software development.

“As generative AI transforms software development and becomes increasingly embedded in the development lifecycle, there are some real security concerns among developers and security teams,” said Liav Caspi, Co-Founder and CTO at Legit. “Our research found that teams are challenged with balancing the innovations of GenAI and the risks it introduces by exposing their applications and their software supply chain to new vulnerabilities. While GenAI is undoubtedly the future of software development, organizations must be mindful of its new risks and ensure they have the appropriate visibility into and control over its use.”

GenAI is quickly changing the software development process by automating tasks that once took developers hours, if not days, to complete, bolstering efficiency and productivity. Eighty-eight percent of developers report using it within their development organization, reflecting a broad shift in how development teams augment their capabilities with AI to meet tight deadlines and complex project demands. Despite the high rate of adoption, security is a critical concern. For instance, previous research by Legit revealed that LLMs and AI models contain bugs and vulnerabilities that can lead to AI supply chain attacks.

The report’s key findings include:

Increased Use of GenAI in Software Development: 96% of security and software development professionals report that their companies use GenAI-based solutions for building or delivering applications. Among these respondents, 79% report that all or most of their development teams regularly use GenAI.Code Assistant Use Is Worrying: 84% of security professionals are concerned about using code assistants and cite unknown and/or malicious code as their primary concern.Growing Concerns Over GenAI Security: 98% believe that security teams need a better handle on how GenAI-based solutions are used in development. 94% report they need more effective ways to manage GenAI use in their company’s research and development efforts.Apprehension on GenAI Over-Reliance: 85% of developers and 75% of those in security have security concerns over relying too much on GenAI solutions to develop software.Developers Fear Loss of Critical Thinking: More developers than security professionals report concern over loss of critical thinking due to AI use in development (8% vs. 3%).GenAI is the Future: 95% of respondents predict that software developers will be more reliant on GenAI in the next five years, with none foreseeing reduced reliance.

The report’s findings underscore GenAI’s importance in software development. However, as organizations increasingly adopt it into their CI/CD pipelines and software supply chains, they need to prioritize security and improve oversight while boosting collaboration between development and security teams.

To download the report, visit https://info.legitsecurity.com/survey-report-use-and-security-of-genai-in-software-development.

Methodology
The survey, conducted by Regina Corso Consulting on behalf of Legit Security, gathered insights from over 400 security professionals and software developers across various industries in North America. Respondents were drawn from companies of all sizes, from small tech startups to large multinational organizations, all dealing with the integration of AI into their software development processes.

About Legit Security
Legit is a new way to manage your application security posture for security, product, and compliance teams. With Legit, enterprises get a cleaner, easier way to manage and scale application security and address risks from code to cloud. Built for the modern SDLC, Legit tackles the most challenging problems facing security teams, including GenAI usage, proliferation of secrets, and an uncontrolled dev environment. Fast to implement and easy to use, Legit lets security teams protect their software factory from end to end, gives developers guardrails that let them do their best work safely, and delivers metrics that prove the security program’s success. This new approach means teams can control risk across the business – and prove it.

Media Contact:
Michelle Kearney
Hi-Touch PR
443-857-9468
kearney@hi-touchpr.com

View original content to download multimedia:https://www.prnewswire.com/news-releases/legit-security-releases-survey-report-on-genai-in-software-development-revealing-pervasive-security-challenges-despite-high-rate-of-adoption-302307376.html

SOURCE Legit Security