Finite State joins forces with MergeBase to provide
industry-leading SCA, AI-powered remediation, and a
developer-centric approach for secure software development from
build to runtime
COLUMBUS, Ohio, June 27,
2024 /PRNewswire-PRWeb/ -- Finite State, Inc., the
leader in comprehensive software risk management for the connected
world, announced today the acquisition of MergeBase, a leading
provider of software supply chain security solutions. This
strategic move strengthens Finite State's commitment to securing
every aspect of the software development lifecycle (SDLC),
improving security, visibility, and compliance across all digital
environments, and empowering organizations to build and deploy more
secure software and embedded systems.
"This acquisition allows us to offer a
holistic security solution for the modern software supply chain
with unparalleled flexibility and compatibility, ensuring that
organizations can meet stringent regulatory requirements," said
Matt Wyckhouse, CEO of Finite
State.
The combined solution brings unmatched software security from
build to runtime. Leveraging the combined power of Finite State's
advanced binary analysis and MergeBase's deep source code analysis,
it delivers unmatched software supply chain visibility and risk
protection throughout the SDLC. Best-in-class Software Composition
Analysis (SCA) technology identifies vulnerabilities in
proprietary, open-source, and 3rd-party code and generates detailed
Software Bills of Material (SBOMs) for any software, firmware,
infrastructure-as-code (IaC), and source code. Going beyond
traditional SCA capabilities, MergeBase's patented Runtime SCA
extends this protection, providing continuous monitoring for
applications and mitigating vulnerabilities after deployment. This
application hardening approach uses AI to continuously learn and
improve accuracy, allowing organizations to proactively address
known vulnerabilities and reduce their attack surfaces by 60–70%
over time.
"The integration of MergeBase into Finite State marks a
significant step forward in addressing the security needs of
embedded systems and critical software. Our combined offering
leverages the best of both worlds: comprehensive binary analysis
and top-tier source code security. This acquisition allows us to
offer unparalleled flexibility and compatibility, ensuring that
organizations can meet stringent regulatory requirements and
protect their products more effectively than ever before. We are
excited to lead the way in providing a holistic security solution
for the modern software supply chain," said Matt Wyckhouse, CEO of Finite State.
Building secure software from the start has become critical due
to increasingly stringent regulatory mandates, which emphasize the
importance of transparency and risk mitigation in software supply
chains. The combined solution's deep visibility and actionable
insights into the entire software supply chain ensures compliance
and enhances security from the start. This extensive insight,
including vulnerability enrichment, remediation guidance, and
prioritization data, seamlessly integrates into existing CI/CD
pipelines, boosting developer productivity and accelerating secure
software delivery.
"We are thrilled to join forces with Finite State. Together, we
will set a new standard for software security. The benefits of
integrating source code analysis and binary analysis will enhance
our customers' ability to identify and remediate vulnerabilities
early, reducing false positives and leveraging runtime protections
to minimize risks. This merger empowers us to provide a
comprehensive solution that supports safe and secure software
development lifecycles, ultimately protecting both national
infrastructure and individual consumers," said Oscar van der Meer, CEO of MergeBase.
This acquisition positions Finite State at the forefront of the
rapidly growing application security market, projected to reach
USD 55.0 billion by 2029
(MarketsandMarkets). With a focus on secure-by-design principles,
the strategic merger will empower organizations to develop, deploy,
and manage software with unparalleled confidence.
About Finite State
Finite State is the leading provider of software risk management
solutions for connected devices and software supply chains. The
Finite State platform is a central hub for device security,
delivering continuous visibility into potential software risks.
Armed with access to over two billion data points, customers
receive actionable insights, encompassing SBOMs, vulnerability
data, and remediation guidance. This proactive strategy streamlines
the mitigation of application security (AppSec) and product risks,
ensuring the safeguarding of critical sectors like consumer IoT,
healthcare, automotive, manufacturing, and energy against cyber
threats. For more information, please visit
https://finitestate.io/
About MergeBase
MergeBase is a complete software supply chain security solution
that combines Software Composition Analysis (SCA), Software Bill of
Material (SBOM), and AI-powered Attack Surface Reduction to help
teams reduce vulnerabilities in their software and meet compliance
requirements. MergeBase accelerates remediation with component
upgrades and reduces the burden on development teams by
automatically eliminating access to unused and vulnerable
application components within the target software code.
Media Contact
Lindsey Havens, Finite State, 1
614-639-5107, lindsey.havens@finitestate.io,
https://finitestate.io/
View original content to download
multimedia:https://www.prweb.com/releases/finite-state-acquires-mergebase-to-form-a-powerhouse-in-application-security-302184197.html
SOURCE Finite State