Oligo Security launched out of stealth on Wednesday with its runtime application security platform for detecting vulnerabilities in open source components. Oligo generates a dynamic bill of materials (BOM), identifies vulnerabilities in packages, and sets fix priorities for vulnerabilities based on application context.
Some of the most damaging cyberattacks in the past couple of years originated in open source packages included within large, complex systems. For example, Log4Shell attacks continued throughout most of 2022 because many organizations didn’t even realize they were running a vulnerable version of Log4j. Oligo generates a dynamic BOM that shows all the components that are actually running, which helps establish which vulnerabilities to fix first.
