NetRise has appointed Allan Friedman, former senior advisor and strategist at the U.S. Cybersecurity and Infrastructure Security Agency (CISA), as its new strategic advisor. Widely known as the ‘Father of the SBOM,’ Friedman will help drive NetRise’s growth and innovation while strengthening its role within the cybersecurity community.
At CISA, Friedman was responsible for global cross-sector community efforts around software bill of materials (SBOM), which continues to be a top priority for the cybersecurity industry.
“Allan is a visionary and a connector. He has spent a tremendous amount of time bringing people together to solve the oldest problem in cybersecurity – the risk inherent in software and especially that introduced by third-party code. Allan’s mission is aligned with ours: to bring transparency to the composition of software to minimize risk and the ability of bad actors to infiltrate the systems on which our world depends,” said Thomas Pace, co-founder and CEO of NetRise. “His addition to NetRise’s cohort of strategic advisors promises to continue our trajectory to realize our vision to eliminate blind trust in software forever.”
Internationally recognized for leading the global Software Bill of Materials (SBOM) movement, Friedman has held senior roles at the National Telecommunications and Information Administration (NTIA) in addition to his work at CISA.
Prior to public service, he spent over a decade as a researcher and technologist, holding positions at Harvard University’s Computer Science department, the Brookings Institution, and George Washington University’s Engineering School. He is the co-author of Cybersecurity and Cyberwar: What Everyone Needs to Know (Oxford University Press).
“One of the biggest hurdles in securing the software that runs the world has been agreeing on and enforcing a mechanism to create transparency by identifying all of the ingredients – the components – that are included in software releases. We have made progress on understanding the need for SBOMs and related data, but we also need quality tools. NetRise is leading the way to deliver on the comprehensive and accurate identification of components, uncovering hidden risk, and actioning remediation of that risk,” said Friedman. “I look forward to playing a key role in the company’s continued innovation and success.”
In August, NetRise announced a major update to its software supply chain security platform, introducing capabilities that prioritize remediation and mitigation of components actively executing at run-time. The update enhances platform scalability and adds features designed to improve efficiency across the software development lifecycle and security operations.
