BlueVoyant, the leader in integrated cybersecurity, launched its Software Bill of Materials (SBOM) management offering, which helps organizations reduce risk related to software by automating the ingestion, analysis, and tracking of software component information from third-party software vendors. The latest advancements enhance Supply Chain Defense, BlueVoyant’s next-generation third-party cyber risk management solution that continuously monitors suppliers, vendors, and other third parties, and then works with them to quickly remediate threats. BlueVoyant’s SBOM solution is powered through a partnership with Manifest, a cybersecurity company that specializes in securing software supply chains for corporate and government entities.
More than 85% of applications contain at least one software vulnerability, according to the Open Source Software Risk Analysis (OSSRA) Report. Yet, many organizations lack visibility into software design or an efficient way to assess and manage third-party SBOM information, which can leave them open to breaches, business interruption, and regulatory compliance issues. As a result, organizations are looking for solutions.
Cyber Technology Insights : BlueVoyant Unveils New Enterprise Cybersecurity Solution to Strengthen Cyber Defense and Manage Costs
By leveraging the BlueVoyant-Manifest SBOM solution, security teams can proactively gain deep insights into software risk exposure and other dependencies that their businesses may rely on.
“By combining Manifest’s depth of experience in SBOM with BlueVoyant’s holistic Supply Chain Defense, clients get continuous monitoring and remediation to solve their biggest third-party cybersecurity challenges,” said Marc Frankel, CEO and co-founder of Manifest.
The key benefits to utilizing SBOM for third-party risk are:
Vendor risk management: Automatically solicit SBOMs from vendors, see intuitive risk levels for vendor products, and incorporate them into comprehensive third-party cyber risk management
Smarter vulnerability management: Prioritize vulnerabilities quickly, and triage issues to reduce false positives and avoid unnecessary mitigation work
Open Source Software (OSS) risk management: Create an enterprise-wide inventory of OSS across first and third-party products, and scan OSS repositories to assess risk before implementing them
Simplified compliance: Easily demonstrate compliance and provide evidence for international regulations and standards such as R155, Executive Order 14028, Section 524B, the European Cyber Resilience Act, and the EU’s NIS2 and DORA
“Organizations in the private and public sectors are realizing that SBOM visibility is a crucial part of a proactive third-party cyber risk management program,” said Joel Molinoff, global head of Supply Chain Defense at BlueVoyant. “By enhancing BlueVoyant’s Supply Chain Defense with Manifest’s SBOM capabilities, our clients are expanding their risk visibility deeper into the software supply chain and ensuring continuous monitoring and remediation of critical threats.”
Cyber Technology Insights : BlueVoyant’s Supply Chain Risk Solutions Now Available on GSA’s $919 Million SCRIPTS BPA Via Carahsoft
BlueVoyant’s Supply Chain Defense has garnered multiple industry awards. This year it was named a winner in the Cybersecurity Excellence Awards for Supply Chain and a finalist in the SC Awards for Best Supply Chain Security. Additionally, BlueVoyant was recognized in the 2025 Gartner® Market Guide for Third-Party Risk Management Technology Solutions published May 2025 by Antonia Donaldson, Luke Ellery, et al.
Supply Chain Defense is part of the BlueVoyant Cyber Defense Platform, which provides holistic cyber defense by helping clients to detect, investigate, and mitigate threats from internal, external, and third-party ecosystems in one cloud-native platform.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Cyber Technology Insights : BlueVoyant Appoints Michael Montoya as COO
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
Source: PR Newswire
