Cybeats Partners with CodeSecure to Automate Software Supply Chain Security Management

Cybeats Technologies Corp. (“Cybeats” or the “Company”) (CSE: CYBT) (OTCQB: CYBCF) and CodeSecure, formerly the products division of GrammaTech and a leading provider of application security testing products, today announced a technology partnership to help customers proactively monitor and remediate software supply chain security threats.

According to industry sources, reused code is prevalent in virtually all software products. For example, research firm Gartner, Inc. estimates that 40% to 80% of the lines of code in new software projects come from third parties. Most of this external code comes from myriad open-source projects; the remaining proprietary code comes from suppliers that provide little or no transparency into its status or condition.[1]

To address these challenges, the CodeSecure CodeSentry® software composition analysis platform will provide binary-derived software bill of materials (SBOM) intelligence to Cybeats for automating the detection, prioritization and mitigation of open source vulnerabilities when source code is not available.

“The partnership with CodeSecure is a natural one for Cybeats as our two class-leading solutions complement each other, and will allow us to serve our joint customer base in the key market verticals such as Industrial Control Systems, Medical Device Manufacturers, Telecom and Transportation. CodeSecure is able to provide a solution to customers that require a leading BSCA tool and the generation of SBOMs, for effortless end to end SBOM propagation from build analysis to ingestion monitoring and sharing the SBOMs,” said Bob Lyle, CRO, Cybeats.

“Together Cybeats Studio and CodeSentry enable customers to detect, manage and remediate security vulnerabilities in open source components to help prevent and better respond to software supply chain attacks like Log4j,” said Andrew Meyer, CMO, CodeSecure. “The integration of CodeSecure and Cybeats provides complete visibility of all known security risks, including actionable insights that reduce business decision time from months to days or even hours, and makes it possible to transition from point in time to continuous SBOM monitoring.”

Renowned National Defense Technologist Dr. Georgianna Shea Joins Cybeats Advisory Board

Cybeats Technologies Corp. (“Cybeats” or the “Company”) (CSE: CYBT) (OTCQB: CYBCF) is pleased to announce the appointment of esteemed cybersecurity expert Dr. Georgianna Shea to its advisory board.

Dr. Georgianna Shea serves as Chief Technologist at the Foundation for Defense of Democracies’ Center on Cyber and Technology Innovation (CCTI) and Transformative Cyber Innovation Lab (TCIL). Boasting over 25 years of experience in various engineering and cybersecurity disciplines, she devoted her career to National Security. Her extensive expertise, leadership skills, and proven track record make Dr. Shea an invaluable addition to Cybeats’ advisory board.

“I am honored and enthused to join Cybeats’ advisory board and look forward to working closely with the team to help advance their cybersecurity efforts to enable data-driven decision capabilities that lead to improved cybersecurity,” said Dr. Georgianna Shea, Cybeats Advisor.

“Dr. Shea’s expertise will play a crucial role in shaping our product’s future, and we are excited to welcome her to our team. Her vast experience and deep understanding of cybersecurity will undoubtedly contribute to our continued growth and innovation in the areas of SBOM management, risk and compliance, and software supply chain intelligence. As a practical leader in the industry, Dr. Shea has a deep understanding of the Risk Management Framework (RMF) and will actively advise us on how to bridge the gap between the private and public sectors in this space,” said Dmitry Raidman, CTO of Cybeats.

Dr. Shea holds a Doctorate in Computer Science Information Assurance from Colorado Technical University. She has held various leadership positions within top tech companies and community groups, including serving on the President’s Council of Advisors on Science and Technology’s Working Group on Cyber-Physical Resilience, the Global Resilience Federation’s Operational Resilience Framework Team, and as an advisory board member for American Binary.

Among her many achievements, Dr. Shea has numerous publications advocating for policies enhancing cybersecurity for national security, has served as an adjunct professor with multiple universities, is a member of the CyberWire Hash Table of experts, and is a member of the Cybersecurity Canon at the Ohio State University.

Cybeats Addresses Recent ‘3CX’ Cyberattack and Highlights Government Agencies’ Support for SBOMs

Cybeats Technologies Corp. (“Cybeats” or the “Company”) (CSE: CYBT) (OTCQB: CYBCF) highlights the challenges faced by nations in securing their infrastructure, particularly in the context of increasing software supply chain threats. The recent 3CX cyberattack, carried out by North Korean nation-state-backed hackers, has public and private stakeholders calling for increased supply chain transparency.

In line with the tone set by the Cyber Executive Order (EO) 14028 from 2021 [1], government agencies around the world are recognizing Software Bills of Materials (SBOM) as a required baseline to ensure security in software acquisition, market access and risk management processes. The recently released U.S. National Cyber Strategy (NCS) builds on SBOM efforts in the Cyber EO calling on U.S. Congress to change market incentives and establish liability for software products and services, and expand SBOM requirements. Cybeats is currently engaged with multiple government agencies responsible for safeguarding national security.

“Government agencies play an important role in ensuring that industry adopts standards of care for secure software development and maintenance of products and services, or face liability risks. As SBOM requirements become increasingly relevant to the government software procurement process, the private sector is rapidly embracing them as well. With the growing significance of SBOMs, organizations spanning diverse industries, such as finance, technology, industrial, medical, and automotive, are actively evaluating their Software Development Life Cycle and SBOM practices to meet the rising demand for SBOMs,” said Yoav Raiter, CEO of Cybeats.

3CX Software Supply Chain Attack

3CX has over 600,000 customers in 190 countries, representing over 12M users. Security firms have indicated that the 3CX hackers targeted both Windows and macOS users of the compromised 3CX softphone app. The malicious activity includes beaconing to actor-controlled infrastructure, deployment of second-stage payloads, and, in a small number of cases, hands-on-keyboard activity. Initial research indicates the number of potential victims is in the hundreds of thousands.

Cyberattacks like 3CX and SolarWinds have prompted governments globally to collaborate closely with public and private sector security experts and provide additional resources like guidance by the Cybersecurity and Infrastructure Security Agency (CISA) and other U.S. government agencies titled “Securing the Software Supply Chain” [2] for software developers, suppliers and customers, to help ensure a more secure software supply chain. It is becoming imperative for organizations to consistently update their Software Development Life Cycle (SDLC), software and supply chain vulnerability, and risk management resources and practices. SBOM management aims to help mitigate potential vulnerabilities, maintain security and meet compliance requirements.

___________________________

[1] https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/

[2] https://www.cisa.gov/sites/default/files/publications/ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_DEVELOPERS.PDF. 2022 report by the Enduring Security Framework (ESF) Software Supply Chain Working Panel referencing NIST SP 800-218 and other secure software development and supply chain risk management guidance.

SBOM in Canadian Regulations – Bill C-26

Canada’s recent introduction of the C-26 legislation outlines the protection of critical cyber systems, laying the groundwork for improved software supply chain security, SBOM, and fostering a safer digital landscape. The Critical Cyber Systems Protection Act (CCSPA) aims to create a framework to protect critical cyber systems that support services vital to national security or public safety. The CCSPA seeks to ensure that risks to critical cyber systems are identified and managed, including risks associated with supply chains and the use of third-party products and services.[3]

This new Canadian legislation follows global trends, focusing on managing risks associated with supply chains and third-party products and services, ensuring that critical cyber systems remain protected from compromise and minimizing the impacts of cybersecurity incidents. Designated operators of these critical cyber systems will be required to establish and implement a cybersecurity program, mitigate supply-chain and third-party risks, and adhere to reporting and notification obligations in the event of a cybersecurity incident.

EU Cyber Resilience Act

Cybercrime costs reached $6 trillion in 2021, prompting the European Commission to propose the Cyber Resilience Act (CRA) to enhance software security. The CRA aims to hold manufacturers accountable for improving software security throughout the entire product life cycle and increase transparency into software vulnerabilities. A key strategy in the CRA is the implementation of Software Bill of Materials (SBOM) management, which tracks and shares metadata details of software components and supply chain relationships. Non-compliance with the CRA may lead to significant fines and reputational damage. As the CRA impacts software sold or used in Europe, adopting SBOM management now is crucial for future compliance and security.[4]

Cybeats Announces Successful Product Delivery to its Leading Energy Management, ICS and Automation Clients

Cybeats Technologies Corp. (“Cybeats” or the “Company”) (CSE: CYBT) (OTCQB: CYBCF) has successfully delivered its SBOM Studio [1] to two of its largest clients: a leading global provider of energy management solutions and a Fortune 500 building technology and industrial automation company. The contracts with these two clients are for three-year engagements.[2]

Cybeats successfully delivered the SBOM Studio product to two clients, which will see Cybeats’ leading solution deployed to reduce the cost of securing their products by enabling SBOM sharing and providing accurate SBOM data and tools to manage SBOMs at scale.

“SBOM Studio’s powerful capabilities and scalability emphasize our dedication to addressing the use cases of our key enterprise customers in the ICS and building automation sectors,” said Dmitry Raidman, CTO of Cybeats. “Our successful deployment for these notable clients underscores our commitment to delivering solutions that provide real value, enabling them to confidently manage their SBOMs at scale.”

SBOMs (Software Bill of Materials) have emerged as a catalyst for transformation in product security across nearly all sectors, aiming to improve visibility and security of the software supply chain. However, organizations face challenges with widespread implementation due to the scale of change and manual work required. SBOM Studio is designed to automate SBOM management and simplify SBOM implementation, ultimately improving ROI by reducing the overhead required to embed SBOM across an organization.

Pioneering SBOM Management: Cybeats Launches New ‘SBOM Quality Score’ Feature on its SBOM Studio

Cybeats Technologies Corp. (“Cybeats” or the “Company”) (CSE: CYBT) is pleased to announce the release of its latest product feature, the SBOM Quality Score, now available on the SBOM Studio platform. The SBOM Quality Score is pioneering the industry with a new innovative functionality that adds significant value to the platform by providing security teams with a comprehensive assessment of their software bill of materials (SBOM) quality.

With the SBOM Quality Score, security teams can validate their SBOM files before importing, ensuring that the file is correctly formatted according to the SBOM standard, and acting as ‘quality control gates’ for their SBOM ingestion processes. The feature’s score system assesses multiple metrics to evaluate the SBOM’s quality and provides extensive logging information to help customers understand why their SBOMs do not meet the required specifications. This functionality allows security teams to significantly reduce the time spent on SBOM management, prioritize cybersecurity operations, and enhance their overall security posture.

“Cybeats is proud to now offer our clients the SBOM Quality Score, which provides a deeper understanding of each SBOM, reducing the risk of bringing bad data that pollutes their data sets, and gives clients even greater confidence in their SBOMs. This fundamental feature enhances the overall experience on the SBOM Studio platform, and the robust and reliable functionality follows our commitment to providing cutting-edge technology solutions,” said Dmitry Raidman, CTO of Cybeats.

Cybeats’ commitment to innovation and value creation is evident in the SBOM Quality Score’s user-friendly design and robust functionality. The feature enhances the SBOM Studio platform experience, providing customers with even greater confidence in their SBOMs. By offering valuable insights into each SBOM’s quality, the score is a game-changer for SBOM consumers or producers. This innovative feature helps security teams streamline SBOM management operations, gain valuable insights, and ultimately enhance their overall security posture. Cybeats remains committed to providing cutting-edge solutions to its customers and looks forward to seeing the value this brings to the cybersecurity industry.

SBOM Studio

Cybeats’ SBOM Studio enables organizations to efficiently manage, distribute, and view their software bill of materials (SBOMs) in a single interface. By doing so, they can easily identify and address cybersecurity vulnerabilities, reduce the cost of protection, and improve compliance. SBOM Studio is specifically designed to support software producers and consumers who use open source and 3rd party software components and who are transitioning to more transparent software development practices. The tool is compatible with various SBOM generation tools and can validate and correct imported SBOMs to improve their accuracy. With the addition of the SBOM Quality Score, key features of SBOM Studio now include:

  • Automated SBOM Management
  • Accelerated Vulnerability Management
  • Improved Workflow for Security Operations
  • SBOM Sharing and Exchange
  • Data-Driven Business Decisions
  • Regulatory Compliance and Licence Infringement
  • VEX functionality [1]
  • SBOM Quality Score