BlackBerry Jarvis named best in breed for protecting software supply chains

WATERLOO, Ontario — BlackBerry Jarvis, a software composition analysis tool, has been recognized as “Best in Breed” by an Internal Research & Development project (IRAD).

The analysis was conducted on behalf of the US Department of Defense by The Aerospace Corporation, and recommends the most proficient binary analysis solutions on the market for embedded software, citing BlackBerry Jarvis as the most promising and robust after a rigorous assessment of key players.

As software grows in complexity it creates an even larger attack surface. There are several regulatory changes and standards such as WP.29 and Software Bill of Materials (SBOM) coming into effect which will empower authorities to levy fines against non-compliance or shut down operations completely. The first step in mitigating these risks is the ability to inspect the code that comes from suppliers into supply chains, and in environments where safety and security are paramount, it is not economically feasible to manually inspect all third-party binary files to ensure the quality of a multi-tier software supply chain.

BlackBerry Jarvis can extract the characteristics and attributes from compiled binaries without access to source code and analyze them to deliver insights into the quality and security of software components.

“As a result of its extensive vulnerability coverage and superior test performance, BlackBerry Jarvis appears to be the ideal single-tool solution for embedded platforms,” said Brandon Bailey, cybersecurity senior project leader at Aerospace.

BlackBerry Jarvis was tested on the DoD’s in-production and in-orbit satellite systems, as well as ground flight systems and billion-dollar telescopes. It could detect a purpose-built backdoor in an open-source product which evaded other tools involved in the process.

“We are honored to be recognized as best in breed in this report,” said Adam Boulton, chief technology officer, BlackBerry Technology Solutions. “We understand the need to iterate and deliver software rapidly and with BlackBerry Jarvis tasks that would take upwards of a month to complete can now be automatically remedied within minutes.”