RunSafe Security Inc.

Use-after-free (UAF) errors are a type of memory-based attack that can be used by attackers to compromise systems, execute malicious code, or cause data corruption or systems crashes. A recent example is CVE-2022-22667, a UAF flaw in iOS 15 that enabled malicious applications to execute arbitrary code with kernel privileges. Using Load-time Function Randomization (LFR), RunSafe renders use-after-free vulnerabilities inert by moving the location of ROP gadgets around in memory, making it impossible for an attacker to address the gadgets and activate an exploit. What other memory-based attacks could you defend against with LFR? Get a copy of our whitepaper "Safeguarding Code: A Comprehensive Guide to Addressing the Memory Safety Crisis" for more insight: https://runsafe.ly/3Pq5tzl

Automate SBOM generation with RunSafe Identify! Log in through GitLab and (coming soon ⏳👀 ) GitHub, authenticate, we'll show your repository tree, then you configure and select your projects. Once that's done, you'll get SBOMs generated for every pipeline run that occurs. 💫 Want to try it out? You can start a free trial or take advantage of one of our special offers for early adopters of RunSafe's new platform: https://runsafe.ly/4a51VvY #SBOM #devops #DevSecOps #SoftwareBillofMaterials #ProductSecurity

RunSafe Founder and CEO Joe Saunders joined Dave Bittner on the N2K | CyberWire Podcast to discuss the challenges of safeguarding critical infrastructure, particularly with the looming threat of attacks by nation-state actors. "It's a complex problem where I think we're only really scratching the surface," Joe said. Listen to the full conversation: https://runsafe.ly/3BLS6GF

Why are memory safety vulnerabilities so common, and how do attackers exploit them? Shane Fry, CTO at RunSafe Security, breaks it down in this insightful RunSafe Security Minute. From understanding why these vulnerabilities persist to learning how attackers exploit them, this video highlights the critical role of memory safety in today’s cybersecurity landscape.  Discover how RunSafe’s Protect capability mitigates these vulnerabilities with innovative memory randomization techniques. Watch the full video here: https://runsafe.ly/40iz9o9 #MemorySafety #Cybersecurity

💡 What does it take to convert a C++ codebase to Rust and is it possible to know how at risk your software is to a memory-based attack? Both good questions, and both will be answered at S4x25! If you haven't yet, grab your tickets and join RunSafe for two exciting speaking sessions with Mitch Souders and Ulf Kargén, Assistant Professor at Linköping University. Learn more: https://runsafe.ly/4a90D2X #s4x25 #rust

2024 has been a big year for RunSafe, and as we look back and reflect, it only makes us more excited for what's to come. We formed new partnerships with our friends at Critical Software and Four Inc.. We received backing from SineWave Ventures, Critical Ventures, Alsop Louie Partners, Lockheed MartinVentures, BMW i Ventures, NextGen Venture Partners, and Working Lab Capital. We launched a new brand presence and refined our mission. We secured five new patents and expanded our team. And just this month we launched our new platform, designed to improve your software's resilience and take the stress out of vulnerability management for DevSecOps professionals and product security leaders. So a big welcome to 2025! Let's make it another year of pushing toward the goal of denying attackers and safeguarding critical infrastructure to make the world a safer place for all.

Join us for a live demonstration of RunSafe’s new platform with our CTO Shane Fry This live demo will showcase our platform’s updated tools and features, including: 🔷 Build-time SBOM generation for C/C++ 🔷 Automated vulnerability management 🔷 Protection against memory safety CVEs Register now and join us live on January 21, 2025: https://runsafe.ly/3ZQUUu4

High-profile software supply chain attacks like SolarWinds and Log4j spurred the need for organizations to have visibility into their software components. SBOMs emerged as a tool for managing and mitigating software supply chain risks. Now, the next step for product security is for asset owners and suppliers to share SBOMs freely, making it easier to identify and mitigate vulnerabilities quickly and efficiently. See all of RunSafe's product security predictions here: https://runsafe.ly/3VWPb4u #ProductSecurity #SecurityPredictions #SecurebyDesign

🍪 Sweeten Your Software Security: Holiday Edition This season, we’re mixing software supply chain security with cookies! Not all SBOMs are created equal, and how you generate one makes all the difference: ✨ Binary-Based SBOMs = Guessing store-bought ingredients ✨ Source Code SBOMs = Following a recipe (mostly) ✨ Build-Time SBOMs = Real-time accuracy while baking The right SBOM ensures stronger security and better risk management. Ready to perfect your SBOM recipe? Read the full newsletter below! #Cybersecurity #SBOM #SoftwareSecurity

A Software Bill of Materials is like your favorite holiday cookies. 🍪 Which SBOM would you choose? #SBOM #SoftwareBillofMaterials #ProductSecurity