REA™ releases SAG-PM™ Version 1.1.4 with open-source enhancements and YouTube training videos
SAG-PM™ now implements an open source, free, XML schema Vendor Response File format to share risk assessment data required by NATF's Security Assessment Model
This release of SAG-PM™ expands on the amount of evidence data collected during a risk assessment by including information pertaining to software vendor financial data, cybersecurity policies and other company data needed to perform a comprehensive Cybersecurity Supply Chain Risk Management (C-SCRM) risk assessment following NIST and NATF guidelines. A Software Bill of Materials (SBOM) is automatically generated by SAG-PM™, if no vendor supplied SBOM is available from the software vendor, which becomes part of the collected evidence data, along with vendor supplied information regarding SDLC policies and practices and Provenance evidence data from a Product’s SDLC process, (i.e. SLSA and in-toto) when this information is provided by the software vendor. All of these evidence files, along with the SAG-PM™ risk assessment results and SAGScore™ following the patent pending SAG™ method (16/933161) are stored in a software customers evidence locker for safe keeping and use during an audit or for other purposes. With these enhancements an energy company can provide hard evidence of their cybersecurity supply chain risk management controls and measures to auditors, cyber insurers, credit rating agencies and regulatory entities, all in one complete evidence package.
REA is also pleased to announce the availability of two new YouTube training videos produced by Co-Founder and COO, Joanne Brooks, to help SAG-PM™ customers with pre-requisite installation steps and the process to install SAG-PM™ on a customer’s Windows 10 system.
REA is a proud IEEE Entrepreneurship Program Participant and an Amazon Web Services (AWS) Activate partner.
Never trust software, always verify and report! ™
Dick Brooks
Reliable Energy Analytics LLC
+1 978-696-1788
dick@reliableenergyanalytics.com
Joanne Brooks Training Video 001: Prerequisites
EIN Presswire does not exercise editorial control over third-party content provided, uploaded, published, or distributed by users of EIN Presswire. We are a distributor, not a publisher, of 3rd party content. Such content may contain the views, opinions, statements, offers, and other material of the respective users, suppliers, participants, or authors.