RAPIDFORT INC STTR Phase I Award, November 2022

An STTR Phase I contract was awarded to RAPIDFORT, INC in November 2022 for $74,996 USD from the U.S. Department of Defense and United States Air Force.

sbir.gov/node/2579257
Is a: SBIR/STTR Awards

SBIR/STTR Award attributes

SBIR/STTR Award Recipient: RAPIDFORT, INC
Government Agency: U.S. Department of Defense
Government Branch: United States Air Force
Award Type: STTR
Contract Number (US Government): FA8649-23-P-04050
Award Phase: Phase I
Award Amount (USD): 74,996
Date Awarded: November 7, 2022
End Date: February 7, 2023
Abstract

Software supply chain cyberattacks are increasing in severity and frequency. For example, the number of intentional supply chain attacks is estimated to have increased in industry by 650% in 2021, with 2022's growth on a similar trajectory. A wave of software supply chain attacks is coming, particularly in light of the war in Eastern Europe. To meet these new threats, a new cybersecurity approach is being mandated that requires unused software to be removed. Developer tools MUST also be removed to comply with new ORA/ABC Cybersecurity requirements. If left in software, these developer tools can be used by attackers to move deeper into breached systems, as they can be used to inspect the software to discover weaknesses and further vectors of attack. This hacking technique is called "lateral movement": a breach is made and, once in the infrastructure, the hacker moves towards the high-value target. This mapping of infrastructure requires inspection tools to find weaknesses.

RapidFort has developed groundbreaking technology to remove the unused software AND developer tools in minutes. This results in containers free of developer tools that are 80% smaller, 80% more secure in terms of vulnerability count, and cheaper to build, patch, and maintain, and that boot 300% faster and use less memory and bandwidth. Groundbreaking improvements at a time when they are most needed!

Scanning is the number one defense against software supply chain attacks. It's mandated by all Federal agencies. It has one key timing problem! According to DAF standard practice, when an image is scanned using DAF pipelines it is scanned only at build and deploy. So if we build and scan a container on Monday, and then scan and deploy on Tuesday, and a new exploit is discovered on Wednesday, developers may not know that vulnerability is in their production code. They will only learn of the exploit when they do the next update, which for some DAF software factories can be as long as two weeks, sometimes longer. In initial discussions with DAF developers, this can be as long as 6 weeks: a lifetime in hacking timescales. This scanning scheduling gap provides a long exploit window. Typically, after new vulnerabilities are discovered, hackers start using them within hours, so there is a window of exploit opportunity that this proposal closes.

The dynamic tracking tool works by registering a container; if a new vulnerability, patch, or exploit in the wild is discovered, the user is immediately notified by email. This solution is seamless, quick, and highly effective. Future versions will add these alerts to a dashboard, so users will receive a warning email and a dashboard list of issues will be displayed, but that is beyond the scope of this proposal. The email notification version is what will be prototyped and delivered. This proposal will deliver a certified solution ready for implementation.
