Here’s what’s new in October:

• The RunSafe Security Platform: GitHub support now available!
• Identify: New license compliance feature
• Identify: Git submodule detection
• Identify: Windows dependency mapping
• Protect: LynxOS-178 integration now available

RunSafe Adds GitHub Support!

Customers can now integrate their GitHub projects with the RunSafe Security Platform! This major update allows you to receive automatic Software Bill of Materials (SBOM) generation and integration with RunSafe Protect.

After installing our app on GitHub.com, you’ll have access to the RunSafe Security Platform. Once you’ve created an account, you can select which projects you would like to apply RunSafe Identify or RunSafe Protect to. 

For Identify, after selecting your repositories, we automatically add a RunSafe scan into a GitHub workflow. Now, every time you push code, RunSafe will automatically generate an SBOM. You can select the links within GitHub to then view the SBOMs within the platform alongside vulnerability information. When you configure Protect, you will get Protect Source integration at C++ build time.

Learn more about the RunSafe Security Platform.

New License Compliance Feature Helps Prevent Copyleft Risk

We rolled out a major new feature in the RunSafe Security Platform for license detection and compliance. The license compliance feature allows customers to configure organization-wide rules to stop the delivery of code licensed under unwanted terms, automatically alerting or blocking builds containing disallowed licenses. 

The feature is particularly useful for companies needing to prevent “copyleft” licenses, which can legally require them to open-source their proprietary code if they inadvertently pull in code with licenses that are too permissive. With this update, you can easily decide which licenses are safe, which ones are off-limits, and how you want your build pipelines to react when something slips through.

Unlike complex alternatives that require extensive manual configuration, RunSafe’s approach offers a balanced mix of control and simplicity. Whether you want to automatically fail builds that include banned licenses or just get a friendly heads-up, it’s configurable to your comfort level. As your team adds new dependencies, RunSafe automatically tracks and flags any new or “unset” licenses.

The feature also complements our SBOM generation capability with quality license detection, especially for C++. Overall, our goal is to give organizations greater control and confidence in managing open-source license compliance.

RunSafe Identify Adds Package Detection Through Git Submodules

RunSafe Identify now supports package detection through Git submodules, expanding our ability to identify and track software components in complex C/C++ projects. 

Defining packages in C/C++ is challenging. By adding Git submodules support, we’ve enabled detection of both direct and recursive submodules, whether they reference internal or external repositories. 

We’re also able to automatically extract key details, such as name, version, CPE, and PURL, enhancing accuracy and completeness in SBOM generation.

For more on the challenges of dependency management approaches in C/C++, Kelli Schwalm, Director of SBOM at RunSafe, discusses more in this blog on “The Wild West of C/C++ Development & What It Means for SBOM Generation.”

Windows Dependency Mapping Added to RunSafe Identify

We’ve expanded our SBOM generation capabilities within RunSafe Identify to include dependency mapping for Windows environments. Previously available only for Linux, this feature now allows users to visualize how software components depend on one another across Windows builds. The new functionality aligns with CycloneDX version 1.6 standards.

Learn more about RunSafe Identify.

RunSafe Delivers LynxOS-178 Support in Partnership with Lynx

We’re excited to share that RunSafe Protect now integrates with LynxOS-178, marking a key milestone in expanding protection for safety-critical embedded systems. The integration enables RunSafe’s runtime code protection to operate within the LynxOS-178 environment—used in aerospace, defense, and other mission-critical applications—while maintaining deterministic performance.

You can read more about this integration in our technical white paper on “Integrating RunSafe Protect with the LYNX MOSA.ic RTOS.” You can also learn more in our recent webinar on Aerospace Cybersecurity Strategy with Lynx.

The post October 2025 Product Updates: GitHub Support Now Available, License Compliance Features, and More appeared first on RunSafe Security.

Here’s what’s new in August:

• Protect: 100% VxWorks Coverage
• Identify: Reworked SBOM CLI for better developer experience
• Identify: Improved proprietary component enrichment in RunSafe-generated SBOMs

RunSafe Protect Expands Coverage for VxWorks Environments

RunSafe Protect now provides 100% coverage across the VxWorks environment, securing both kernel and application layers from the earliest point of execution. Organizations running VxWorks can now rely on RunSafe’s runtime code protection to defend embedded systems against exploitation attempts.

The expanded coverage underscores our commitment to delivering the most complete runtime protection across Linux, VxWorks, and beyond, where reliability and resilience are critical.

Learn more about RunSafe Protect.

RunSafe Identify SBOM CLI Rework Creates a Better Developer Experience

We’re rolling out a major rework of the RunSafe Identify SBOM CLI designed to deliver a smoother, more intuitive experience for developers.

The redesigned command structure makes it simpler to interact with the service responsible for data collection and enrichment.

For example, we’ve added new commands to interact directly with the RunSafe service, including:

• Service Start / Stop: Quickly bring the SBOM service up or down without manual workarounds.
• Service Status: Get a detailed view of the service state with more verbose logging, helping to diagnose issues faster.

The update is particularly beneficial for Windows users, where installation and service management previously required multiple steps. Customers can monitor and control SBOM services more easily, identify errors, and access richer logs, leading to a faster and more reliable development workflow.

Enrich SBOMs with Proprietary Components with RunSafe’s Improved Config File

We’ve expanded the flexibility of RunSafe’s SBOM configuration file to make it easier than ever to accurately represent your proprietary components in every SBOM you generate.

While our tooling automatically detects proprietary dependencies, companies often have greater clarity into their unique components, including licensing, authorship, or supplier information. The updated config file addresses this by allowing you to:

• Define proprietary components once: Create a single configuration file with details of your custom libraries or binaries.
• Enrich SBOMs automatically: Add critical data such as license, supplier, version, CPEs, or PURLs, and have it included in every SBOM moving forward.
• Reuse across builds: Pass the same config file into your build pipeline and reuse it across builds without extra manual effort.

The config file gives your team full control over how proprietary components are represented, while keeping SBOM generation accurate, repeatable, and efficient. 

By combining automation with configurable enrichment, you get the best of both worlds: streamlined detection for open-source dependencies and precise handling of the custom components unique to your products.

Learn more about RunSafe Identify.

The post August 2025 Product Updates: Expanded VxWorks Coverage, Streamlined CLI, and Smarter SBOM Enrichment appeared first on RunSafe Security.

Here’s what’s new in June:

• Identify: Expanded Language Support
• Identify: Improved Windows Support for C++ SBOM Generation
• Protect: QNX Support
• Protect: VxWorks 7 Support

RunSafe Identify Expands Language Support

RunSafe Identify now supports ten additional languages and frameworks making it even easier to uncover hidden risks across your entire software stack.

The latest release adds support for:

• Dart
• Elixir
• Erlang
• GitHub Actions
• Haskell
• Java
• Lua
• PHP
• Ruby
• Swift

These languages are in addition to the already supported: C/C++ (no Conan required), JavaScript, Rust, Python, and Golang.

For those developing or securing embedded systems, RunSafe Identify helps you generate more complete, accurate SBOMs and identify vulnerabilities early—across more of your codebase than ever before.

Improved Windows Support for C++ SBOM Generation

We’ve made important stability and performance improvements to C++ SBOM generation on Windows.

Previously, our approach relied on a dependency that introduced a race condition during compilation introspection. This occasionally affected the accuracy and reliability of component reporting during SBOM creation.

With this update, we’ve removed the dependency and implemented a new approach that stabilizes the introspection process. As a result, SBOM generation is now more reliable and more accurate for deeper visibility into your C++ build environments on Windows.

RunSafe Protect Now Supports QNX and VxWorks 7

We’re excited to announce that RunSafe Protect now supports QNX and VxWorks 7, two of the most widely used RTOS platforms in embedded systems and critical infrastructure.

With this update, security teams and developers can now harden applications running on these platforms against memory-based attacks without changing source code or impacting performance.

Learn more about RunSafe Protect

The post June 2025 Product Updates: QNX and VxWorks 7 Support Plus Improved Windows Support appeared first on RunSafe Security.

This month’s product updates include: 

• RunSafe Identify: Zero-Day Risk Assessment Scoring
• RunSafe Identify: Now Available On Prem
• RunSafe Identify: Improved Support for Organization-Wide Licenses

RunSafe Releases Risk Reduction Analysis Tool

The RunSafe Risk Reduction Analysis allows organizations to analyze their exposure to CVEs and potential risk from memory-based zero days. Users can upload an SBOM for insight into known vulnerability exposure. By uploading a binary, users are able to get a picture of their memory-based zero day exposure and risk reductions when runtime protections are applied.

The Risk Reduction Analysis analyzes binary code for exploit-ready ROP (Return Oriented Programming) chains and shows how much risk shrinks after applying RunSafe’s patented memory relocation technology.

To run an analysis, visit https://runsafesecurity.com/risk-reduction-analysis/. 

View a walkthrough of the analysis below.

RunSafe Identify Updates

RunSafe Identify is now available for on-prem deployment, giving organizations complete control over their security infrastructure. This new deployment option ensures sensitive data never leaves your environment while maintaining full access to RunSafe’s comprehensive vulnerability identification and SBOM generation capabilities.

We also now offer improved support for organization-wide licenses for RunSafe Identify users.

Learn More About RunSafe Identify

Explore how Identify’s expanded support helps you build safer, more transparent software. Learn more: https://runsafesecurity.com/platform/identify/

The post April 2025 Product Updates: Zero-Day Risk Assessment Scoring Now Available appeared first on RunSafe Security.

New in Identify:

• pURL Support for Debian-Based Systems: Improve traceability and precision in your SBOMs with full support for Package URLs (pURLs) in Debian environments.
• Windows Build Tool Support: Now compatible with popular Windows build tools, Identify can analyze your software more comprehensively than ever.

Learn More About RunSafe Identify

Explore how Identify’s expanded support helps you build safer, more transparent software.
Learn more: https://runsafesecurity.com/platform/identify/ 

Start a free trial: See Identify in action across your tech stack—including Windows and Debian.
Free trial: https://runsafesecurity.com/free-trial/ 

The post February 2025 Product Updates: Enhanced Support in RunSafe Identify appeared first on RunSafe Security.

This month’s product updates include: 

• Platform: New RunSafe Security Platform
• Identify: Attack Surface Reduction – CVE
• Protect: Linux Support and VxWorks 6.9 Support

Introducing the New RunSafe Security Platform

The new RunSafe Security Platform is a powerful, comprehensive solution that includes the authoritative, build-time C/C++ SBOM generator for embedded systems and enhances a system’s resiliency by automating the remediation of memory safety vulnerabilities in compiled code.

The platform is powered by 400-plus vulnerability data sources and is built as a cybersecurity solution for embedded systems deployed across critical infrastructure.

To learn more, visit https://runsafesecurity.com/platform/

RunSafe Identify Updates

RunSafe Identify now includes an attack surface reduction dashboard for CVEs in software. The dashboard shows total CVEs identified from an uploaded or generated SBOM as well as total CVE risk reduction by addressing memory-based vulnerabilities with RunSafe Protect.

RunSafe Protect Updates

RunSafe Protect, RunSafe’s patented code protection solution, now includes support for Linux and VxWorks 6.9.

Learn more about the RunSafe Security Platform: https://runsafesecurity.com/platform/ 

The post December 2024 Product Updates: New RunSafe Security Platform Unveiled and More appeared first on RunSafe Security.