Home
News
Tech Grid
Data & Analytics
Data Processing Data Management Analytics Data Infrastructure Data Integration & ETL Data Governance & Quality Business Intelligence DataOps Data Lakes & Warehouses Data Quality Data Engineering Big Data
Enterprise Tech
Digital Transformation Enterprise Solutions Collaboration & Communication Low-Code/No-Code Automation IT Compliance & Governance Innovation Enterprise AI Data Management HR
Cybersecurity
Risk & Compliance Data Security Identity & Access Management Application Security Threat Detection & Incident Response Threat Intelligence AI Cloud Security Network Security Endpoint Security Edge AI
AI
Ethical AI Agentic AI Enterprise AI AI Assistants Innovation Generative AI Computer Vision Deep Learning Machine Learning Robotics & Automation LLMs Document Intelligence Business Intelligence Low-Code/No-Code Edge AI Automation NLP AI Cloud
Cloud
Cloud AI Cloud Migration Cloud Security Cloud Native Hybrid & Multicloud Cloud Architecture Edge Computing
IT & Networking
IT Automation Network Monitoring & Management IT Support & Service Management IT Infrastructure & Ops IT Compliance & Governance Hardware & Devices Virtualization End-User Computing Storage & Backup
Human Resource Technology Agentic AI Robotics & Automation Innovation Enterprise AI AI Assistants Enterprise Solutions Generative AI Regulatory & Compliance Network Security Collaboration & Communication Business Intelligence Leadership Artificial Intelligence Cloud
Finance
Insurance Investment Banking Financial Services Security Payments & Wallets Decentralized Finance Blockchain Cryptocurrency
HR
Talent Acquisition Workforce Management AI HCM HR Cloud Learning & Development Payroll & Benefits HR Analytics HR Automation Employee Experience Employee Wellness Remote Work Cybersecurity
Marketing
AI Customer Engagement Advertising Email Marketing CRM Customer Experience Data Management Sales Content Management Marketing Automation Digital Marketing Supply Chain Management Communications Business Intelligence Digital Experience SEO/SEM Digital Transformation Marketing Cloud Content Marketing E-commerce
Consumer Tech
Smart Home Technology Home Appliances Consumer Health AI Mobile
Interviews
Anecdotes
Think Stack
Collab IQ Event Coverage Guest Articles
Press Releases
Articles
Featured Tech Drops
  • Threat Intelligence

NetRise® Launches AI-Powered Cybersecurity Product To Detect Undisclosed Software Weaknesses Before They Become Exploited Vulnerabilities

NetRise® Launches AI-Powered Cybersecurity Product To Detect Undisclosed Software Weaknesses Before They Become Exploited Vulnerabilities
  • by: Source Logo
  • |
  • June 19, 2025

NetRise ZeroLens™ enables global enterprises and device manufacturers to proactively reduce the impact of zero-day exploits in compiled code and firmware

NetRise, the leader in software supply chain security — helping companies inventory software assets and identify and respond to software risk — today announced the launch of a new product, NetRise ZeroLens.

NetRise's category redefining platform creates a software asset inventory, which is critical to manage organizational risk. NetRise uniquely analyzes compiled code to find risk in software that actually executes on devices and other systems. This technique, known as binary composition analysis (BCA), identifies vulnerabilities not found through traditional vulnerability scanners or source code scans, prioritizing those before they are exploited.

NetRise ZeroLens adds to the platform's capabilities by analyzing the compiled code for weaknesses (CWEs) that have not yet been identified or exposed as vulnerabilities. NetRise ZeroLens incorporates AI to summarize the CWEs found and guides remediation based on the context of the code around the discovered weaknesses.

"By identifying weaknesses in code already running on devices that are critical to the enterprise, NetRise ZeroLens provides CISOs and their teams a path to rapid detection and mitigation before those weaknesses are exposed as vulnerabilities," said Thomas Pace, NetRise CEO. "The cybersecurity market has been begging for proactive vulnerability identification instead of constantly operating in a reactive model. NetRise ZeroLens is proactive vulnerability identification at scale."

Benefits offered by NetRise ZeroLens include:

  • Enhanced quantification of risk: NetRise ZeroLens identifies previously unknown weaknesses in binary software, enabling better risk management decisions in the enterprise.

  • Vulnerability research at scale: NetRise ZeroLens enables ethical hackers and red team members to upload and analyze thousands of binaries concurrently, dramatically reducing the time required for manual analysis.

  • Proactive detection of code weaknesses: By identifying vulnerabilities before they are exploited, NetRise ZeroLens prioritizes remediation and mitigation workflows for device manufacturer product security teams.

"Nearly all of the medical devices whose security we ensure run on firmware," said Garrett Schumacher, Business Unit Director, Product Security at Velentium Medical. "NetRise ZeroLens gives us the ability to test software that other static analysis tools don't handle well, for instance where no industry standard or insufficient rulesets for secure coding exist. We will use NetRise ZeroLens to enforce CWE analysis on such projects in addition to NetRise's supply chain security offerings."

Not only does NetRise ZeroLens identify potential vulnerabilities found within compiled code, but the product also creates AI-driven summaries of its findings to guide any actions needed to mitigate that risk. "NetRise ZeroLens provides researchers and developers specific guidance based on its findings," said Michael Scott, NetRise CTO. "For example, if the tool finds a buffer overflow, the summary looks at the functions within the code, contextual usage, and can determine whether the input is user-supplied or static, informing and advising accordingly."

A "zero-day" is a vulnerability in code that has no patch or other fix available. Until the vulnerability is remediated, threat actors can exploit it in a "zero-day attack." Log4j is one of the most well-known zero-day exploits in recent years. Estimates at the time of its discovery in December 2021 indicate that nearly 90% of global enterprises were impacted by this incident that exploited a vulnerability in an extremely popular open-source library. Further research showed that even two years after the event, 38% of organizations continued to use vulnerable versions of the Log4j open-source library.

"NetRise ZeroLens builds on our founding vision by adding to the software asset inventory a look beyond vulnerabilities to finding weaknesses that have yet to be exploited by bad actors," continues Pace. "This enhanced context allows for better understanding of risk within the organization and proactive planning to mitigate that risk."

Resources

  • Meet NetRise: Request a meeting with our team in San Francisco for the RSA Conference 2025 from 4/28 - 5/1.

  • Schedule a Demo: To learn more about the value that a software asset inventory brings to global enterprises and device manufacturers alike, see a demo of NetRise ZeroLens.

  • Happy Hour: RSVP now to join NetRise for HopSec Trivia Night on 4/29 at 5pm PT and Keys to Security: Dueling Piano Party on 4/30 at 5:30pm PT at The Grove, 690 Mission St, San Francisco, CA 94105. To attend our RSAC 2025 events,please visit: https://www.netrise.io/company/events/rsac-2025.

  • For more information about NetRise ZeroLens, visit https://www.netrise.io/products/zerolens.

 

About NetRise

Based in Austin, Texas, NetRise protects organizations from cybersecurity risk with a revolutionary approach to software supply chain security. By analyzing compiled code rather than source code, its category-redefining platform creates a software asset inventory that identifies risk within the software actually installed on the systems critical to enterprise infrastructure. With NetRise, software producers and device manufacturers alike build a more accurate view of the software composition of their products. Likewise, cybersecurity professionals within the enterprise and federal government can quickly identify vulnerabilities and other software supply chain risks in the assets that run their organization. NetRise provides both groups with the means to respond quickly to threats identified by the NetRise platform. When unforeseen software vulnerabilities are exploited by bad actors, NetRise enables rapid identification, prioritization, mitigation, and policy updates, reducing material risk to the business. https://www.netrise.io/

 

Media Contact for NetRise:

Danielle Ostrovsky
Hi-Touch PR
410-302-9459
ostrovsky@hi-touchpr.com

News Disclaimer
  • Share

Join 15,000+ Avid Tech Readers!

Trending tech news, interviews & insights straight to your inbox.