BlackBerry Jarvis 2.0
Software Composition Analysis for Embedded Systems
BlackBerry® Jarvis® 2.0 is a software composition analysis solution that lets you detect and list open-source software and software licenses within your embedded systems as well as their cybersecurity vulnerabilities and exposures.
Uncover Software Vulnerabilities Across Your Complex Supply Chain
It’s challenging to understand software composition and vulnerability exposure of embedded systems—especially in industries such as automotive, medical equipment, and aerospace and defense, where you need to navigate complex supply chains and stringent regulatory requirements.
BlackBerry Jarvis scans binary images or files you upload and generates reports that include graphical views of third-party files, third-party licenses and groupings of detected vulnerabilities by severity.
As a result of this coverage and superior test performance, BlackBerry Jarvis appears to be the ideal single-tool solution for embedded platforms.
Brandon Bailey, Cybersecurity Senior Project Leader, the Aerospace Corporation
Reveal What’s Hidden in Your Binaries
Do you know what software is running on your embedded systems? A software bill of materials (SBOM) can help you identify critical information about software components, allowing you to detect potential issues with implications for intellectual property disputes, security risks or overall quality. BlackBerry Jarvis 2.0 provides a view of your product’s SBOM without depending on what your suppliers provide. It provides you with vendor and product details for each file via an interactive chart.
Uncover Security Vulnerabilities
Companies with sound security practices are vigilant in tracking, managing and remediating vulnerabilities. But if you are integrating software of unknown provenance (SOUP) and have no access to source code, you could introduce security vulnerabilities into your product. BlackBerry Jarvis 2.0 helps you identify risks with a common vulnerability and exposures (CVE) dashboard for your software bill of materials. It excels in accurately detecting CVEs thanks to its ability to identify software versions and when fixes were made, helping you avoid false positives that can be costly to you and your suppliers.
Simplify Regulatory Compliance
Security standards such as ISO 21434 and regulations like the ones mandated in WP.29 ensure that vendors, suppliers and technology solution providers are accountable for managing their products’ cybersecurity. BlackBerry Jarvis 2.0 can help you meet regulation compliance by providing you with insights on the software composition of your products, including open source software license compliance. It automatically scans your binary image and produces an SBOM in just minutes and without you having to access source code. This ability to efficiently produce an SBOM is critical for the cybersecurity management required by emerging regulations.
BlackBerry Jarvis addresses the software cybersecurity needs of the automotive industry. In our independent study, Jarvis delivered excellent efficiencies in time-to-market, significantly reducing the time to security assess code from thirty days to seven minutes.
Dr. Ralf Speth, Former CEO, Jaguar Land Rover
Unlock the Full Power of BlackBerry Jarvis
You can rely on BlackBerry® cybersecurity expertise to harness the full power of BlackBerry Jarvis. Our embedded security professionals are ready to help you dive deeper into the results of your software analysis and to identify areas that need hardening and remediation. We can also help you meet cybersecurity regulations from both process and product perspectives.
Related Products and Services
BlackBerry Certicom
BlackBerry® Certicom® provides device security, anti-counterfeiting and product authentication to deliver end-to-end security with managed public key infrastructure, code signing and other applied cryptography and key management solutions.
QNX Over the Air (OTA)
QNX® Over the Air (OTA) is a customized remote software update solution designed to address the increasingly complex requirements of embedded system manufacturers. It can be tailored to seamlessly and securely update and manage endpoints for a variety of embedded systems.
Resources
