Finite State, Inc., a leader in software risk management, announced the acquisition of MergeBase, a prominent provider of software supply chain security solutions. This acquisition enhances Finite State’s commitment to securing the entire software development lifecycle (SDLC) by integrating MergeBase’s deep source code analysis with its advanced binary analysis. The merger aims to improve security, visibility, and compliance across digital environments, empowering organizations to build and deploy more secure software and embedded systems.
The combined solution offers unmatched software security from build to runtime. It leverages the strengths of both companies, delivering comprehensive software supply chain visibility and risk protection throughout the SDLC. MergeBase’s patented Runtime Software Composition Analysis (SCA) extends traditional SCA capabilities, providing continuous monitoring and vulnerability mitigation after deployment. This approach uses AI to learn and improve accuracy, reducing attack surfaces by 60-70% over time.
Matt Wyckhouse, CEO of Finite State, emphasized that the acquisition marks a significant step forward in addressing the security needs of embedded systems and critical software. By combining binary and source code analysis, the integrated solution offers unparalleled flexibility and compatibility. This ensures organizations can meet stringent regulatory requirements and protect their products more effectively, providing a holistic security solution for the modern software supply chain.
Oscar van der Meer, CEO of MergeBase, expressed enthusiasm about joining forces with Finite State, highlighting the benefits of integrating their technologies. The merger aims to set a new standard for software security by enhancing the ability to identify and remediate vulnerabilities early and reducing false positives. This comprehensive solution supports secure software development lifecycles, ultimately protecting national infrastructure and individual consumers.
Reference:
