NetRise Announces Partner-Led Managed Software Supply Chain Risk Management Offering for the Federal Market
NetRise Announces Partner-Led Managed Software Supply Chain Risk Management Offering for the Federal Market |
| [01-July-2026] |
New offering helps federal agencies operationalize software supply chain risk management with binary-derived evidence and provenance context for a more complete view of software risk AUSTIN, Texas, July 1, 2026 /PRNewswire/ -- NetRise today announced a partner-led managed software supply chain risk management offering for the federal market. Delivered through trusted federal integrators and managed service providers, the offering enables partners to combine NetRise's independent binary analysis of compiled artifacts with NetRise Provenance, which adds software supply chain context, including the extent of the reach of software supply chain compromises, to help agencies better assess and address software risk across the products, dependencies and vendors they rely on. NetRise is working with Asc3nd Technologies Group as a strategic launch partner for this program. "Federal agencies are being asked to make software supply chain risk management operational, not just aspirational," said Thomas Pace, co-founder and CEO of NetRise. "That requires more than questionnaires, attestations or isolated tools. By enabling trusted partners with binary-derived evidence of what is actually in software, along with provenance intelligence that helps explain who is behind it and how far risk can spread, NetRise is helping agencies turn software risk into something they can assess, prioritize and act on at scale." The offering is designed to help partners deliver software supply chain risk management as an operational capability across acquisition, authorization, continuous monitoring and incident response. Three recent federal actions bear directly on this work.
NetRise starts from the binary to create an independent, full-stack software asset inventory across firmware, operating systems, containers and applications. NetRise Provenance adds a complementary layer of software supply chain context by mapping components to canonical repositories, contributors, maintainers, organizations and regions, while surfacing repository health signals and dependency blast radius - the extent of downstream impact when an open-source component is compromised - to help teams make better third-party risk, procurement and incident response decisions. Together, these capabilities help partners support federal agencies in several important ways:
"Federal agencies can't manage what they can't see — and the teams we support don't just need better tools, they sometimes need a trusted partner who can operationalize those capabilities inside their environments," said Sarn Gabriel Bien-Aime, Founder & CEO, Asc3nd Technologies Group. "Asc3nd has built our federal practice around closing that visibility gap, and NetRise gives our customers the binary-derived evidence and provenance intelligence to move from compliance theater to real, scalable risk management. We're proud to be the first partner bringing this vision to the federal market. Now, as integrated with our AI ARES platform we are more ready than ever to uncover risk and vulnerability across Federal environments that they never would have surfaced without this suite of capabilities." "Recent software supply chain incidents have made one thing clear: As attackers shift left and move further upstream, agencies and their partners cannot focus only on development-time controls," said Pace. "They also need to shift right and gain visibility into the software that is already running in production. When you combine binary analysis of what you actually build, buy and deploy with provenance intelligence about who is behind that software and how risk can spread, you can make better third-party risk decisions, respond faster and build more resilient federal systems." Resources: About NetRise NetRise is the software supply chain security company that exists to eliminate blind trust in software forever. By identifying every component in each binary image across firmware, kernels, operating systems, containers, and applications, NetRise exposes the full stack of inherited risk that source-based tools, vendor SBOMs, and questionnaires cannot see. Non-code related risk uncovered includes hidden dependencies, cryptographic artifacts, misconfigurations, secrets, among others. Global enterprises that produce and consume software, including government agencies, rely on NetRise to validate what they ship and what they run. When the software supply chain is compromised by bad actors, NetRise answers the questions, "how far do these compromises extend?" and "where am I exposed?" enabling rapid identification, prioritization, mitigation, and policy updates, reducing material risk to the business. NetRise has entered into an agreement to be acquired by Accenture (NYSE: ACN), which is also taking a majority investment in Dragos. Upon close of the transactions, NetRise will operate under Dragos. Media Contact:
SOURCE NetRise | ||
Company Codes: NYSE:ACN |













