Exiger has announced the acquisition of aDolus Technology Inc., a move aimed at enhancing its software supply chain visibility and risk management capabilities. This acquisition allows Exiger to integrate aDolus’ technology, which can generate software bills of material (SBOMs) and analyze software binaries for provenance. With rising incidents of supply chain attacks since high-profile breaches like SolarWinds and Log4j, this integration is crucial for improving security measures across various sectors, including law enforcement and government.
The acquisition addresses a significant blind spot in cybersecurity, particularly concerning vulnerabilities in operational and legacy technologies. Exiger President Carrie Wibben emphasized that the costs associated with maintaining outdated systems exceed $1 trillion, highlighting the urgency of improving visibility and risk assessment in software supply chains. The combined capabilities of Exiger and aDolus enable clients to verify supplier claims about software composition and security, thus enhancing overall trust in third-party vendors.
aDolus, known for its expertise in operational technology and real-time operating systems, brings valuable insights and analytics to the partnership. Its FACT platform provides high-precision risk analytics, generates retroactive SBOMs for legacy systems, and validates current supplier SBOMs. By harnessing aDolus’ capabilities, Exiger aims to uncover hidden third-party risks and enhance the provenance of software components, even when they have been rebranded or misattributed.
This acquisition not only strengthens Exiger’s offerings in cybersecurity but also empowers clients in critical industries such as energy, telecom, and healthcare to achieve greater supply chain visibility. The integration of aDolus enhances Exiger’s Ion Channel platform, enabling customers to “trust but verify” the security of their software supply chains. As cyber threats continue to evolve, this strategic partnership positions Exiger as a leader in safeguarding organizations against future supply chain attacks.
Reference: