MontaVista Announces Built-in Readiness for Enterprise Linux to Address Entire Software Supply Chain Security
MontaVista incorporates Zero Trust and Secure-by-Design features for MVShield and MVSecure to secure the entire Software Supply Chain.
MontaVista is excited to bring a full set of features for compliance across our products to address the upcoming Cybersecurity regulations in US and EU so our customers focus on their value-add.”
SAN JOSE, CALIFORNIA, UNITED STATES, February 6, 2024 /EINPresswire.com/ -- MontaVista® Software, LLC, a leader in commercial Embedded Linux® products and services announces availability of Zero Trust and Secure-by-Design features for the MVShield and MVSecure line of products by incorporating development features to secure the entire Software Supply Chain. This provides a one-stop solution to create a secure and validated software supply chain for use-cases in the Enterprise Linux/MVShield target markets, like the radio and core networking, the Intelligent Edge, network- and application-level security appliances and generic enterprise applications. This follows up MontaVista’s strategic announcement late last year to start rapid evolution in the platform security area based on growing demand and recent regulatory guidelines. — Iisko Lappalainen, MontaVista Director of Product Management
MVShield and MVSecure are the first products in MontaVista’s portfolio to be enhanced for security following this strategy. The plan is also to introduce similar enhancements shortly to MontaVista’s leading embedded product, CGX. The main areas addressed are:
1) In the immediate term, MVShield will support securing the Software Supply Chain, by adding functionality and tooling for Software Bill Of Materials (SBOM) generation and validation and Common Vulnerabilities and Exposures (CVE) reporting and scanning. This will include supporting CVE management descriptions to support scanners such as Tenable Nessus, CIS-CAT and OpenSCAP.
These enhancements will make it effortless for MVShield customers to support the reporting and compliance requirements for many market-specific certifications and regulatory requirements, such as those of the FDA and CISA.
A core value of these enhancements is enabling compliance with overarching cybersecurity focus and legislation like the EU Cyber Resilience Act and the US Executive Order on Cybersecurity, as well as benchmarks like the CISA Cyber Trust Mark.
2) Further, MVShield and MVSecure are aiming to reduce the possibility of injection of Zero-Day Vulnerabilities and malicious updates by integrating an open-source scorecard methodology for all content. Having the content automatically reviewed by MontaVista’s tools, as well as via manual inspection by MontaVista’s domain experts, will greatly increase visibility into the reliability of software used in end customers’ platforms.
MVShield is MontaVista’s Enterprise Linux distribution derived from CentOS Linux and Rocky Linux, retaining much of the source and binary compatibility of this proven Enterprise Linux ecosystem. Already deployed for several years at Tier1 customers across the telecom, networking, and security markets, MVShield has provided customers strict mission-critical SLA support and long-term maintenance on their chosen baseline of content, while amending the base distribution content. MVShield is an enterprise-level Linux with enhancements from the embedded world - allowing customers to take advantage of MontaVista’s decades of deep technical expertise and long-term support experience and open avenues unlike other embedded distributions like utilizing MontaVista for specific enhancements like customized support for AI via GPU/TPU driver customization or support for totally custom hardware platforms.
MVSecure is MontaVista’s complementary services offering that provides all the necessary services to enhance the platform security of the customers’ Linux baseline.
MVSecure provides a one-stop shop for enhancements for making any Linux comply with the EU Cyber Resilience Act, the US Cybersecurity laws, FDA regulations, or security-specific certifications like Common Criteria. MVSecure can also help in more targeted projects, such as helping customers incorporate security facilities like secure boot, SELinux and Linux integrity management.
Supporting Quotes:
“Building in security via Supply Chain and vulnerability management is key for many of our customers”, said Iisko Lappalainen, Director of Product Management at MontaVista Software, “We’re excited to bring a full set of features for compliance across our products, starting with MVShield. MontaVista can provide a full end-to-end platform solution for customers to address the upcoming regulations in US and EU, making the compliance process seamless and painless, while helping our customers focus on their value-add.”
MontaVista is encouraging customers and partners to contact your local representative, or MontaVista at sales@mvista.com and/or visit www.mvista.com for more information and discussions.
MontaVista Marketing
MontaVista Software
+1 669-777-6841
email us here
Visit us on social media:
Twitter
LinkedIn
Legal Disclaimer:
EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.