On May 11 2020, Vigilant Ops, an innovator in medical device cybersecurity, announced the immediate availability of InSight Platform V1, enabling medical device manufacturers to begin automatically generating, updating, and monitoring device software bills of materials (SBOMs). FDA’s draft version of their premarket guidance refers to these as CBOMs (Cybersecurity Bill of Materials)1, given the original desire to include hardware components in device bills of materials. Since the original draft guidance, FDA and others have begun referring to the documents as SBOMs (Software Bill of Materials) and eliminating the hardware component inclusion. Vigilant Ops will also refer to these device software bills of materials as SBOMs.
“The Vigilant Ops InSight Platform V1 is a game-changer in medical device cybersecurity,” said Ken Zalevsky, CEO at Vigilant Ops and former Head of Medical Device Cybersecurity at Bayer. “Medical device manufacturers are under extreme pressure from customers, prospects, and regulatory bodies to prove the safety and security of their devices. SBOMs are an industry-accepted solution but are very labor-intensive to generate and require continuous monitoring and maintenance. The InSight Platform eliminates this manual generation effort, while providing real-time monitoring of various public vulnerability sources and continuous maintenance of device bills of materials.”
The InSight Platform uses advanced techniques to interrogate medical device and automatically generate SBOMs. Using artificial intelligence and machine learning, the InSight Platform continuously monitors for vulnerabilities in discovered device components, enabling device manufacturers to respond proactively to the latest discovered threats.
- Content of Premarket Submissions for Management of Cybersecurity in Medical Devices. FDA. Published online October 2018.