ReversingLabs and PwC enter into a strategic partnership

PwC

Key Takeaways

ReversingLabs and PwC have formed a strategic partnership to enhance visibility and control in software supply chain security, modernizing traditional Third Party Risk Management (TPRM) programs.

The alliance aims to automate risk assessment processes, eliminating the need for manual questionnaires and allowing security assurance through binary packages without source code access.

The partnership addresses the growing complexity of software supply chains, emphasizing the need for organizations to adapt their risk management strategies to include both emerging threats and regulatory challenges.

Software supply chain security company ReversingLabs has teamed up with PwC in a strategic partnership to help businesses gain visibility and control over their software supply chain. The ReversingLabs and PwC alliance assists customers to modernize traditional Third Party Risk Management (TPRM) programs that struggle to keep pace with the complexities and interconnectedness of the modern software supply chain.

The partnership also aims to help customers eliminate manual questionnaire-based testing required for software suppliers and obtain security assurance over software consumed using just a binary package without needing access to the source code. 

“Organizations have never been more reliant on their supplier base than they are today. As a result, automation is needed to help assess the risk of these relationships at speed and scale. That is particularly true as commercial software suppliers come to rely on open source code, which is increasingly exploited by malicious actors,” said Mario Vuksan, CEO and co-founder, ReversingLabs.

“At the same time TPRM teams need solutions to not only manage emerging and existing threats from the supply chain, but other challenges, including regulatory scrutiny, access to talent, and the convergence of various risk domains.” 

“Modern software supply chain security demands that organizations not only address issues specific to the development of software applications, but also to the consumption of commercial software, where suppliers’ reliance on external components like third-party libraries introduces additional risks,” Vuksan continued.

“The way firms must think about their supply chain continues to evolve and it’s clear now that with such a high dependency on software and technology, getting visibility into software security is no longer a nice-to-have activity,” said Penny Flint, partner, PwC UK. 

“This alliance will enable PwC to enhance its best-in-class TPRM services and provide clients with the visibility they need to understand and reduce third-party risks to their software supply chain,” added Ian Trinder, director, PwC UK.