ReversingLabs, the market leader in software supply chain security, today announced it has teamed up with PricewaterhouseCoopers LLP (a limited liability partnership incorporated in England) (“PwC”)) to help businesses gain visibility and control over their software supply chain. PwC provides market-leading advisory and managed services in Third Party Risk Management (TPRM) and works with many of the world’s largest and most complex organizations. Working together, ReversingLabs and PwC will help customers modernize traditional TPRM programs that struggle to keep pace with the complexities and interconnectedness of the modern software supply chain.

“Organizations have never been more reliant on their supplier base than they are today. As a result, automation is needed to help assess the risk of these relationships at speed and scale. That is particularly true as commercial software suppliers come to rely on open source code, which is increasingly exploited by malicious actors,” said Mario Vuksan, CEO and Co-founder, ReversingLabs. “At the same time TPRM teams need solutions to not only manage emerging and existing threats from the supply chain, but other challenges, including regulatory scrutiny, access to talent, and the convergence of various risk domains.” 

Available now and strongly positioned to help businesses thwart the growing security risks inherent in third-party software, this alliance will help advance TPRM initiatives, enabling greater visibility and control over software supply chains. By combining PwC’s advisory capabilities and executive managed service to design and operationalize TPRM programs with ReversingLabs’ automated platform to quickly detect and mitigate threats within software, organizations can better protect themselves from sophisticated attacks on the software supply chain.

The partnership will help customers:

• Increase visibility into software - Visualize the components that make up the software supply chain and the risk they present to the business.
• Automate software assurance testing - Eliminate manual questionnaire-based testing required for software suppliers.
• Protect the software supply chain end-to-end - Reduce the likelihood and impact of malware and tampering attacks on the supply chain across the software development and use lifecycles.
• Reduce dependencies on supplier cooperation - Obtain security assurance over software consumed using just a binary package (no access to source code is needed). 
• Streamline risk remediation - Prioritize security remediation efforts to those critical risk issues that most significantly impact your business.

“Modern software supply chain security demands that organizations not only address issues specific to the development of software applications but also to the consumption of commercial software, where suppliers' reliance on external components like third-party libraries introduces additional risks,” Vuksan continued.

“The way firms must think about their supply chain continues to evolve and it’s clear now that with such a high dependency on software and technology, getting visibility into software security is no longer a nice-to-have activity,” said Penny Flint, Partner, PwC UK. 

“This alliance will enable PwC to enhance its best-in-class TPRM services and provide clients with the visibility they need to understand and reduce third-party risks to their software supply chain,” added Ian Trinder, Director, PwC UK.