BlackBerry Jarvis 2.0
Software Composition Analysis and Security Testing for Embedded Systems.
BlackBerry® Jarvis® 2.0 is a binary scanning solution that performs both software composition analysis and security testing. It enables you to detect and list open-source software and software licenses within your embedded systems and uncover their cybersecurity vulnerabilities and exposures – all without requiring access to source code.
Uncover Software Vulnerabilities Across Your Complex Supply Chain
It’s challenging to understand software composition and vulnerability exposure of embedded systems—especially in industries such as automotive, medical equipment, and aerospace and defense, where you need to navigate complex supply chains and stringent regulatory requirements.
BlackBerry Jarvis scans binary images or files you upload and generates reports that include graphical views of third-party files, third-party licenses and groupings of detected vulnerabilities by severity.
As a result of this coverage and superior test performance, BlackBerry Jarvis appears to be the ideal single-tool solution for embedded platforms.
Brandon Bailey, Cybersecurity Senior Project Leader, the Aerospace Corporation
Reveal What’s Hidden in Your Binaries
Do you know what software is running on your embedded systems? A software bill of materials (SBOM) can help you identify critical information about software components, allowing you to detect potential issues with implications for intellectual property disputes, security risks or overall quality. BlackBerry Jarvis 2.0 provides a view of your product’s SBOM without depending on what your suppliers provide. It provides you with vendor and product details for each file via an interactive chart.
Uncover Security Vulnerabilities
Companies with sound security practices are vigilant in tracking, managing and remediating vulnerabilities. But if you are integrating software of unknown provenance (SOUP) and have no access to source code, you could introduce security vulnerabilities into your product. BlackBerry Jarvis 2.0 helps you identify risks with multiple dashboards including those for Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE). It excels in accurately detecting vulnerabilities thanks to its ability to derive deep insights on many aspects of the security of a binary package.
Simplify Regulatory Compliance
Security standards, such as ISO 21434 and regulations like the ones mandated in the US Executive Order 14028 and WP.29, ensure that vendors, suppliers and technology solution providers are accountable for managing their products’ cybersecurity. BlackBerry Jarvis 2.0 can help you meet regulatory compliance by providing you with insights on the software composition of your products, including open source software license management, automatically scanning your binary image to efficiently produce an SBOM. In fact, BlackBerry Jarvis 2.0 enables you to generate a comprehensive SBOM in the Software Package Data Exchange® (SPDX®) report standard, one of the leading standards to support Executive Order 14028. This ability to efficiently produce a standards-compliant SBOM is critical for the cybersecurity management required by emerging regulations.
BlackBerry Jarvis addresses the software cybersecurity needs of the automotive industry. In our independent study, Jarvis delivered excellent efficiencies in time-to-market, significantly reducing the time to security-assess code from thirty days to seven minutes.
Dr. Ralf Speth, Former CEO, Jaguar Land Rover
Unlock the Full Power of BlackBerry Jarvis
You can rely on BlackBerry® cybersecurity expertise to harness the full power of BlackBerry Jarvis. Our embedded security professionals are ready to help you dive deeper into the results of your software analysis and to identify areas that need hardening and remediation. We can also help you meet cybersecurity regulations from both process and product perspectives.
Related Products and Services
BlackBerry® Certicom® provides device security, anti-counterfeiting and product authentication to deliver end-to-end security with managed public key infrastructure, code signing and other applied cryptography and key management solutions.
QNX Over the Air (OTA)
QNX® Over the Air (OTA) is a customized remote software update solution designed to address the increasingly complex requirements of embedded system manufacturers. It can be tailored to seamlessly and securely update and manage endpoints for a variety of embedded systems.
Don't Fear the Black Box: Ensuring Reliable and Secure Software in the Modern AgeWatch the Webinar
Frost & Sullivan Report: BlackBerry Jarvis Secures Embedded Systems by Uncovering Hidden Vulnerabilities and ExposuresRead Now