Software Validation & Scoring
A fast and easy metric for determining a file's trustworthiness
Validate your software
Get all the intelligence you need quickly and efficiently to determine if a file is trustworthy without searching multiple databases, checking signatures, or reading through vendor PDF reports.
FACT performs exhaustive checks and analysis to provide a straightforward "trust score." This score can inform security policies and reduce the risk of counterfeit or dangerous software infiltrating your supply chain. FACT:
- Breaks down files into their subcomponents (including hidden ones) into an enriched SBOM
- Evaluates all components against our massive set of aggregated intelligence
- Leverages multiple engines and techniques to scan for deeply buried malware
- Checks if the file and its components are code-signed and evaluates the full certificate chain
- Employs Machine Learning (ML) and Natural Language Processing (NLP) technology to search multiple vulnerability databases and correlate vulnerabilities across packages
Streamline supply chain security
The FACT trust score helps you quickly and easily determine if software updates are safe to install on mission-critical devices, without spending days on the internet doing research on the file.
Trust scores and their supporting intelligence allow organizations to:
- Uncover dangerous or counterfeit files and components
- Identify packages that can be used with confidence (white listing)
- Reveal component vendors
- Embed scoring into internal SecDevOps processes via API
- Enforce policies confidently
- Ensure governance of security processes via an audit trail
A robust solution that makes a complex task easy
Simplicity
Software validation is a technically complex issue – but we’ve dealt with that, so you don’t have to. Select the files you want analyzed and we will confirm their fingerprints against our extensive database of valid and malicious files.
Confidence
The FACT solution gives you confidence that the software or firmware your staff is installing is legitimate. You can trust that attackers have not modified the code. Plus we'll dig in to see if any vulnerabilities or malware are hidden inside.
Discretion
You maintain control of your software and firmware. The FACT platform lets you choose between simple digital fingerprinting of each file or in-depth analysis for hidden vulnerabilities and malware.
