BlackBerry releases Jarvis 2.0 the latest edition of its flagship analysis tool
BlackBerry has released BlackBerry Jarvis 2.0, the latest edition of its flagship software composition analysis tool.
One of the notable additions to Jarvis 2.0 is SaaS, and a new user-friendly feature set for developers and integrators, including open source software (OSS), common vulnerabilities and exposures (CVE), and software bill of materials (SBOM) management. The dashboard online UI has also been updated with specific cautions and advisory flags for software security.
Blackberry says Jarvis 2.0 has been designed to address the growing and increasingly complex cybersecurity threats among multi-tiered software supply chains within the medical, automotive, and aerospace industries. It says Jarvis 2.0 allows OEMs to inspect the provenance of their code and every software asset that comes into their overall supply chains, ensuring products are both secure and updated with the most recent security patches.
“When building software for a modern automobile, it’s far easier said than done,” says Blackberry.
“There are more than 150,000 publicly disclosed vulnerabilities as of mid-July 2021. A complex piece of software for a vehicle infotainment system may contain hundreds of third-party software modules. Failure to check and update each piece of software provides openings for hackers to potentially exploit those vulnerabilities.”
According to Blackberry, Jarvis 2.0 addresses the need to identify and remediate vulnerabilities by identifying them and providing deep, actionable insights in minutes, something that would otherwise involve manually scanning by several experts.
“A number of cybersecurity regulatory changes and standards such as UNECE WP.29 and SBOM are on the horizon, which will empower authorities to levy fines against non-compliance or shut down operations altogether,” says BlackBerry Technology Solutions CTO, Adam Boulton.
“So the time for OEMs to get a handle on their entire code base is now. Don’t sit idly by and wait for a bad actor to exploit a vulnerability that could have far-reaching consequences. With the release of BlackBerry Jarvis 2.0, embedded software developers and integrators have an intuitive and reliable software composition analysis tool to help them meet their cybersecurity goals with efficiency and confidence.”
Frost & Sullivan, TechVision senior analyst, Hiten Shah, says as software supply chains get increasingly complex and cyberattacks become more sophisticated, securing embedded devices at the firmware layer is becoming an integral part of device security management.
“With Jarvis 2.0, BlackBerry has translated years of knowledge and experience in embedded device security into an impressive, feature-rich product for software binary analysis,” he says.