Archive for the ‘Free Software’ Category

Rezilion Recognized as SBOM Tool Provider in Gartner Emerging Technologies Trend Report on Software Bills of Materials (SBOM) USA – English – USA -…

BE'ER SHEVA, Israel, Sept. 9, 2022 /PRNewswire/ -- Rezilion, an automated software vulnerability management platform, announced today that it has been named a vendor providing Innovative tools for SBOM management in Gartner's new report, titled Emerging Tech: A Software Bill of Materials Is Critical to Software Supply Chain Management.

The report highlights the growing importance of SBOMs in managing software supply chain risk at a time when the software industry increases its reliance on third-party and/or open-source code. Unlike internally-developed components, which adhere to rigorous security and quality guidelines, open-source software (OSS) can come from many sources and is far more prone to risk. These security and compliance risks are exacerbated by a lack of visibility and understanding of open-source dependencies within the software supply chain. SBOMs answer that challenge by providing a much-needed view into an organization's inventory of software, as well as the dependencies, licenses, compliance posture and provenance information.

The software supply chain has become a target and is under constant attack, with high-profile breaches, such as the ones impacting SolarWinds and Kaseya. An SBOM is critical because it offers visibility, and also allows users to monitor vulnerabilities in parallel with whatever vulnerability management is conducted by the supplier. But having visibility isn't enough - organizations also need to be able to identify new software vulnerabilities. To meet this need, the report recommends that static SBOMs evolve to include dynamic and real time capabilities. Furthermore, the report highlights the need to go beyond identification of software vulnerabilities and leverage SBOMs to drive efficient remediation.

Using the Rezilion platform, customers can identify, prioritize, and remediate software vulnerabilities using a first-of-its-kind Dynamic SBOM. Unlike static SBOMs, which traditionally provide visibility into a single software environment at a specific point in time, Rezilion's Dynamic SBOM seamlessly plugs into all software environments, from development to production, and provides real-time visibility to all software components. Rezilion's Dynamic SBOM then does more than just uncover what software components are there: it reveals if and how they're being executed in runtime, providing organizations with an unparalleled solution to understand where bugs exist but also whether or not they could be exploited by attackers.

Through Rezilion's Dynamic SBOM, customers benefit from:

"Gartner's analysis and outlook on SBOMs arrives at a critical time," said Liran Tancman, Co-Founder and CEO of Rezilion. "As more organizations embrace SBOMs as a vital component of their software security tooling, we're thrilled to be among the named providers. Our Dynamic SBOM gives organizations the ability to know how their dependencies are being exploited, which solidifies how well-aligned our current capabilities are with the evolution of SBOMs in the future."

Rezilion was named a vendor in the Software Bill of Materials (SBOM) category in the Gartner Hype Cycle for Open Source Software, 2022, and the SBOM and ASOC categories in the Gartner Hype Cycle for Application Security, 2022, in July of this year.

Rezilion's Dynamic SBOM is available now across CI and on-prem and cloud environments. A basic, free-of-charge version is available for use in CI through Rezilion's website. Get started today at http://www.rezilion.com/get-started.

Rezilion's platform automatically secures the software you deliver to customers. Rezilion's continuous runtime analysis detects vulnerable software components on any layer of the software stack and determines their exploitability, filtering out up to 95% of identified vulnerabilities. Rezilion then automatically mitigates exploitable vulnerabilities across the SDLC, reducing vulnerability backlogs and remediation timelines from months to hours, while giving DevOps teams time back to build.

Learn more about Rezilion's software attack surface management platform at http://www.rezilion.com and get a 30-day free trial.

Disclaimer: GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Media Contact: Danielle Ostrovsky, Hi-Touch PR, 410-302-9459

SOURCE Rezilion


The EU's AI Act could have a chilling effect on open source efforts, experts warn – TechCrunch

Proposed EU rules could limit the type of research that produces cutting-edge AI tools like GPT-3, experts warn in a new study.

The nonpartisan think tank Brookings this week published a piece decrying the bloc's regulation of open source AI, arguing it would create legal liability for general-purpose AI systems while simultaneously undermining their development. Under the EU's draft AI Act, open source developers would have to adhere to guidelines for risk management, data governance, technical documentation and transparency, as well as standards of accuracy and cybersecurity.

If a company were to deploy an open source AI system that led to some disastrous outcome, the author asserts, it's not inconceivable the company could attempt to deflect responsibility by suing the open source developers on which they built their product.

"This could further concentrate power over the future of AI in large technology companies and prevent research that is critical to the public's understanding of AI," Alex Engler, the analyst at Brookings who published the piece, wrote. "In the end, the [E.U.'s] attempt to regulate open-source could create a convoluted set of requirements that endangers open-source AI contributors, likely without improving use of general-purpose AI."

In 2021, the European Commission, the EU's politically independent executive arm, released the text of the AI Act, which aims to promote trustworthy AI deployment in the EU. As they solicit input from industry ahead of a vote this fall, EU institutions are seeking to make amendments to the regulations that attempt to balance innovation with accountability. But according to some experts, the AI Act as written would impose onerous requirements on open efforts to develop AI systems.

The legislation contains carve-outs for some categories of open source AI, like those exclusively used for research and with controls to prevent misuse. But as Engler notes, it'd be difficult if not impossible to prevent these projects from making their way into commercial systems, where they could be abused by malicious actors.

In a recent example, Stable Diffusion, an open source AI system that generates images from text prompts, was released with a license prohibiting certain types of content. But it quickly found an audience within communities that use such AI tools to create pornographic deepfakes of celebrities.

Oren Etzioni, the founding CEO of the Allen Institute for AI, agrees that the current draft of the AI Act is problematic. In an email interview with TechCrunch, Etzioni said that the burdens introduced by the rules could have a chilling effect on areas like the development of open text-generating systems, which he believes are enabling developers to catch up to Big Tech companies like Google and Meta.

"The road to regulation hell is paved with the EU's good intentions," Etzioni said. "Open source developers should not be subject to the same burden as those developing commercial software. It should always be the case that free software can be provided as is; consider the case of a single student developing an AI capability; they cannot afford to comply with EU regulations and may be forced not to distribute their software, thereby having a chilling effect on academic progress and on reproducibility of scientific results."

Instead of seeking to regulate AI technologies broadly, EU regulators should focus on specific applications of AI, Etzioni argues. "There is too much uncertainty and rapid change in AI for the slow-moving regulatory process to be effective," he said. "Instead, AI applications such as autonomous vehicles, bots, or toys should be the subject of regulation."

Not every practitioner believes the AI Act is in need of further amending. Mike Cook, an AI researcher who's a part of the Knives and Paintbrushes collective, thinks it's perfectly fine to regulate open source AI a little more heavily than needed. Setting any sort of standard can be a way to show leadership globally, he posits, hopefully encouraging others to follow suit.

"The fearmongering about stifling innovation comes mostly from people who want to do away with all regulation and have free rein, and that's generally not a view I put much stock into," Cook said. "I think it's okay to legislate in the name of a better world, rather than worrying about whether your neighbour is going to regulate less than you and somehow profit from it."

To wit, as my colleague Natasha Lomas has previously noted, the EU's risk-based approach lists several prohibited uses of AI (e.g. China-style state social credit scoring) while imposing restrictions on AI systems considered to be high-risk, like those having to do with law enforcement. If the regulations were to target product types as opposed to product categories (as Etzioni argues they should), it might require thousands of regulations, one for each product type, leading to conflict and even greater regulatory uncertainty.

An analysis written by Lilian Edwards, a law professor at the Newcastle School and a part-time legal advisor at the Ada Lovelace Institute, questions whether the providers of systems like open source large language models (e.g. GPT-3) might be liable after all under the AI Act. Language in the legislation puts the onus on downstream deployers to manage an AI system's uses and impacts, she says, not necessarily the initial developer.

"[T]he way downstream deployers use [AI] and adapt it may be as significant as how it is originally built," she writes. "The AI Act takes some notice of this but not nearly enough, and therefore fails to appropriately regulate the many actors who get involved in various ways downstream in the AI supply chain."

At AI startup Hugging Face, CEO Clément Delangue, counsel Carlos Muñoz Ferrandis and policy expert Irene Solaiman say that they welcome regulations to protect consumer safeguards, but that the AI Act as proposed is too vague. For instance, they say, it's unclear whether the legislation would apply to the pre-trained machine learning models at the heart of AI-powered software or only to the software itself.

"This lack of clarity, coupled with the non-observance of ongoing community governance initiatives such as open and responsible AI licenses, might hinder upstream innovation at the very top of the AI value chain, which is a big focus for us at Hugging Face," Delangue, Ferrandis and Solaiman said in a joint statement. "From a competition and innovation perspective, if you already place overly heavy burdens on openly released features at the top of the AI innovation stream you risk hindering incremental innovation, product differentiation and dynamic competition, this latter being core in emergent technology markets such as AI-related ones. The regulation should take into account the innovation dynamics of AI markets and thus clearly identify and protect core sources of innovation in these markets."

As for Hugging Face, the company advocates for improved AI governance tools regardless of the AI Act's final language, like responsible AI licenses and model cards that include information like the intended use of an AI system and how it works. Delangue, Ferrandis and Solaiman point out that responsible licensing is starting to become a common practice for major AI releases, such as Meta's OPT-175 language model.

"Open innovation and responsible innovation in the AI realm are not mutually exclusive ends, but rather complementary ones," Delangue, Ferrandis and Solaiman said. "The intersection between both should be a core target for ongoing regulatory efforts, as it is being right now for the AI community."

That well may be achievable. Given the many moving parts involved in EU rulemaking (not to mention the stakeholders affected by it), it'll likely be years before AI regulation in the bloc starts to take shape.


Both public companies who control a good portion of One Software Technologies Ltd (TLV:ONE) along with institutions must be dismayed after last week’s…

A look at the shareholders of One Software Technologies Ltd (TLV:ONE) can tell us which group is most powerful. We can see that public companies own the lion's share in the company with 41% ownership. Put another way, the group faces the maximum upside potential (or downside risk).

Following a 4.0% decrease in the stock price last week, public companies suffered the most losses, but institutions who own 37% stock also took a hit.

Let's delve deeper into each type of owner of One Software Technologies, beginning with the chart below.


Institutions typically measure themselves against a benchmark when reporting to their own investors, so they often become more enthusiastic about a stock once it's included in a major index. We would expect most companies to have some institutions on the register, especially if they are growing.

One Software Technologies already has institutions on the share registry. Indeed, they own a respectable stake in the company. This can indicate that the company has a certain degree of credibility in the investment community. However, it is best to be wary of relying on the supposed validation that comes with institutional investors. They too, get it wrong sometimes. It is not uncommon to see a big share price drop if two large institutional investors try to sell out of a stock at the same time. So it is worth checking the past earnings trajectory of One Software Technologies, (below). Of course, keep in mind that there are other factors to consider, too.

We note that hedge funds don't have a meaningful investment in One Software Technologies. The company's largest shareholder is Computer Direct Group Ltd., with ownership of 41%. Migdal Mutual Funds Ltd. is the second largest shareholder owning 14% of common stock, and Clal Financial Management Ltd holds about 7.4% of the company stock.

To make our study more interesting, we found that the top 2 shareholders have a majority ownership in the company, meaning that they are powerful enough to influence the decisions of the company.

While studying institutional ownership for a company can add value to your research, it is also a good practice to research analyst recommendations to get a deeper understanding of a stock's expected performance. We're not picking up on any analyst coverage of the stock at the moment, so the company is unlikely to be widely held.

The definition of an insider can differ slightly between different countries, but members of the board of directors always count. The company management answer to the board and the latter should represent the interests of shareholders. Notably, sometimes top-level managers are on the board themselves.

Insider ownership is positive when it signals leadership are thinking like the true owners of the company. However, high insider ownership can also give immense power to a small group within the company. This can be negative in some circumstances.

Our most recent data indicates that insiders own less than 1% of One Software Technologies Ltd. We do note, however, it is possible insiders have an indirect interest through a private company or other corporate structure. It is a pretty big company, so it would be possible for board members to own a meaningful interest in the company, without owning much of a proportional interest. In this case, they own around 35k worth of shares (at current prices). It is good to see board members owning shares, but it might be worth checking if those insiders have been buying.

The general public, who are usually individual investors, hold an 18% stake in One Software Technologies. While this group can't necessarily call the shots, it can certainly have a real influence on how the company is run.

It seems that Private Companies own 4.1% of the One Software Technologies stock. It's hard to draw any conclusions from this fact alone, so it's worth looking into who owns those private companies. Sometimes insiders or other related parties have an interest in shares in a public company through a separate private company.

We can see that public companies hold 41% of the One Software Technologies shares on issue. It's hard to say for sure but this suggests they have entwined business interests. This might be a strategic stake, so it's worth watching this space for changes in ownership.

I find it very interesting to look at who exactly owns a company. But to truly gain insight, we need to consider other information, too. To that end, you should be aware of the 1 warning sign we've spotted with One Software Technologies.

Of course this may not be the best stock to buy. Therefore, you may wish to see our free collection of interesting prospects boasting favorable financials.

NB: Figures in this article are calculated using data from the last twelve months, which refer to the 12-month period ending on the last date of the month the financial statement is dated. This may not be consistent with full year annual report figures.

Have feedback on this article? Concerned about the content? Get in touch with us directly. Alternatively, email editorial-team (at) simplywallst.com.

This article by Simply Wall St is general in nature. We provide commentary based on historical data and analyst forecasts only using an unbiased methodology and our articles are not intended to be financial advice. It does not constitute a recommendation to buy or sell any stock, and does not take account of your objectives, or your financial situation. We aim to bring you long-term focused analysis driven by fundamental data. Note that our analysis may not factor in the latest price-sensitive company announcements or qualitative material. Simply Wall St has no position in any stocks mentioned.



1 Big Reason Why Snowflake Is Outperforming the Rest of the Software Industry – The Motley Fool

When data platform company Snowflake (SNOW 4.85%) had its initial public offering in September 2020, it immediately became one of the most highly valued publicly traded cloud and software companies. Even after high inflation, rising interest rates, and the possibility of a global recession reduced its value, the company remains among the most highly valued cloud companies in the market.

Here is one big reason Snowflake outperforms the rest of the cloud and software industry.

Over the last two years, several consulting firms have published research concluding that data-driven companies are more likely to acquire customers, beat revenue goals, and increase profits than those without a data strategy. As a result, business leaders have become more aware that to remain competitive in their industry, they must pursue data-driven and digital transformation strategies -- requiring increased investment in data management technology. And many companies are choosing Snowflake for this essential service.


Snowflake differentiated itself from other data management platforms by developing a disruptive architecture for data storage, processing, analyzing, sharing, and monetization, which it calls the data cloud. This data cloud can function as a database (holds data for application use), a data warehouse (contains filtered data for later analysis), or a data lake (stores unfiltered data). In addition, the data cloud includes a modern marketplace that permits companies, governments, and other entities to trade, buy, or share data -- an industry first.

As a result of Snowflake's unique innovations in the data industry, it rapidly grew from the time its founders started the company in 2012 to achieving a 19.73% market share in the data warehousing category in 2022, according to the marketing intelligence firm Slintel. Only Amazon's Redshift is ahead with a 22.16% share.

Yet, despite its strong growth, Snowflake has only penetrated a tiny sliver of its opportunity.


As of quarter's end in June of fiscal 2023, the company made $1.63 billion in trailing 12-month (TTM) revenue against a projected $248 billion total addressable market (TAM), meaning it has yet to reach even 1% of its TAM.

Despite the ongoing macroeconomic turbulence, Snowflake's revenue growth trajectory exceeds that of virtually every other cloud company. The following chart compares its revenue growth trend on a TTM basis to a few other significant cloud stocks.

SNOW Revenue (TTM) data by YCharts

In addition, this revenue growth is translating into rapid free cash flow (FCF) growth.

SNOW Free Cash Flow data by YCharts

As long as Snowflake maintains a strong positive free cash flow, it can continue judiciously hiring and investing in key growth initiatives throughout this downturn -- extending its lead over emerging competitors. For instance, in June the company revealed in Canadian newspaper The Globe and Mail that it would open a Toronto office and hire hundreds of people -- impressive considering that many technology companies are hiring slowly, canceling projects, and even laying off workers in this poor economy.

Although the company has performed well up until now, one issue that Snowflake bears worry about is that its usage-based pricing model could present a problem should customers cut back on using its services in a worsening economy.

CFO Mike Scarpelli's commentary on the first-quarter fiscal 2023 earnings call likely contributed to the stock's sluggish performance from late May to the middle of June. Scarpelli noted slowing growth for consumer-facing cloud companies. Any further news of slowing growth in other sectors of the economy could result in a further downdraft in the stock, especially considering the stock's relatively high valuation. Snowflake sells at a price-to-sales (P/S) ratio of 33.3 compared to the computer processing and cloud services industry P/S ratio of 4.3.

However, the good news is that Scarpelli said on the second-quarter earnings call that leading indicators of the macro economy's impact on the business remain solid across most of its customer base. For example, one metric he highlighted was the outperformance of small and medium-sized companies in net new bookings during the quarter. Additionally, Snowflake's largest global customers continue to increase their usage, indicating that these large enterprises consider the data cloud essential to their business operations.

While this stock could remain volatile in the short term, Snowflake is still an excellent bet for continued outperformance. If you are a long-term investor, there are few better places to invest than this dominant data platform.

John Mackey, CEO of Whole Foods Market, an Amazon subsidiary, is a member of The Motley Fool's board of directors. Rob Starks Jr has positions in Amazon, CrowdStrike Holdings, Inc., MongoDB, Okta, and Snowflake Inc. The Motley Fool has positions in and recommends Amazon, CrowdStrike Holdings, Inc., MongoDB, Okta, Salesforce, Inc., ServiceNow, Inc., Snowflake Inc., Twilio, Zendesk, and Zscaler. The Motley Fool has a disclosure policy.


GM’s BrightDrop looks to self-driving delivery trucks in the future – Detroit Free Press

General Motors' subsidiary, BrightDrop, will offer self-driving electric commercial delivery vehicles in the future.

During a webcast presentation at the Evercore ISI 2nd Annual Technology Conference on Thursday, BrightDrop CEO Travis Katz said the company is "actively" looking at how to apply autonomous driving technology to its commercial trucks.

But BrightDrop spokesman Daniel Roberts said Friday the company has no immediate plans to offer self-driving vehicles.

"We can say with certainty that autonomy is going to play a huge role in commercial delivery," Katz said. "There is no need to have humans driving vehicles in all of these routes. One of the benefits of being General Motors, is we have our sister company Cruise, which is one of the leaders, if not the leader, in autonomous systems."

Katz said BrightDrop's EVs can save a fleet $10,000 to $12,000 of cost per vehicle each year. Also, some say that eliminating the driver could result in greater cost savings.

"There really aren't enough drivers to do the work and it's not a super glamorous job," Katz said. "It's a hard job."

In June, the GM-owned Cruise became the first company to run a commercial taxi service of self-driving cars in a major city, San Francisco, where it is based, Katz said.

BrightDrop, which GM started in early 2021, offers two commercial electric delivery vehicles: the Zevo 600, which resembles the big brown UPS-style truck, and a smaller EV410 midsize truck. They will be built at GM's CAMI Assembly plant in Ingersoll, Canada, which opens in the fourth quarter. Katz said it expects to be making 50,000 trucks a year there starting in 2025 and bring in "a lot of revenue."

"We're lining up customers. We're hiring like crazy across all fronts, support, software development, engineering; we see big growth ahead," Katz said. "We feel pretty good about the supply chain heading into next year. We have a lot of people managing this and we've worked through the hardest moments. We're not seeing anything on the horizon that's scaring us."

Katz said he did not have specific news to share yet on self-driving technology, but he said that Cruise has been testing autonomous delivery vehicles with Walmart. It has been using the Cruise Origin, which is the self-driving vehicle that Factory Zero in Detroit and Hamtramck will make.

"There are a lot of challenges to still be solved," Katz said. "The last 100 feet, you can't just have an autonomous vehicle pull up, you have to figure out how does the vehicle get to the end? We have e-carts and things like this and software to help design a solution."

But he said commercial self-driving vehicles will be "huge" and "we're better positioned than anyone else in the industry to go after it."

Besides the delivery trucks, BrightDrop also offers technological solutions for the delivery industry such as a propulsion-assisted electric pallet to move goods over short distances, including from the delivery truck to a front door. It also offers mobile asset management for the pallet to allow for location monitoring, battery status and other remote commands.

BrightDrop currently has FedEx, Merchants Fleet and Walmart as its biggest clients. Its biggest truck, the Zevo 600, made the Guinness World Records in April when driver Stephen Marlin achieved the record for the greatest distance traveled by an electric van on a single charge. He drove a Zevo 600 that's part of FedEx's fleet from New York City to Washington, D.C., a trip of nearly 260 miles.

Contact Jamie L. LaReau: jlareau@freepress.com. Follow her on Twitter @jlareauan.
