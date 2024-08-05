Advancing the supply-chain security posture for the fast growing software-defined vehicle industry.





LAS VEGAS–(BUSINESS WIRE)–Today Kondukto Inc., the leading Application Security Orchestration & Posture Management platform for cloud and on-premise workloads, announces a strategic collaboration with ETAS GmbH to provide an integrated security orchestration solution for software-defined vehicles.

ETAS GmbH, a wholly owned subsidiary of Robert Bosch GmbH, is a leading provider of cybersecurity solutions for the automotive industry and a pioneer in software-defined vehicle innovation. The evolution toward software-defined vehicles increases the need for effective protection against cyberattacks and unauthorized access to vehicle systems.

By joining forces with Kondukto, ETAS expands its existing cybersecurity portfolio by incorporating Kondukto’s cutting-edge Application Security Posture Management (ASPM) and vulnerability management platform. This collaborative effort will empower ETAS’ automotive OEM partners to gain enhanced visibility into their software supply chain, enabling them to better assess risks and enhance their security posture. Additionally, ETAS customers will benefit from industry-leading security automation capabilities and contextual decision-making support, resulting in faster remediation times and improved overall code quality within the ecosystem.

“With cybersecurity solutions from ETAS and the Kondukto Platform, development teams will benefit from a security posture management system that is novel in the automotive industry.”



– Dr. Moritz Minzlaff, Head of Professional Security Services at ETAS

Kondukto API v3 for improved Custom Integrations

The Kondukto API has played an integral role for Kondukto’s enterprise customers across diverse industries, including finance, healthcare, manufacturing, and software. It enables them to automate application security workflows and effectively manage their security posture at scale. With the upcoming v3 of the API, customers such as MongoDB, Domino’s Pizza, taxfix, and Nord Security will gain access to an expanded set of capabilities, including advanced reporting, auditing, software-bill-of-material (SBOM) management, and AI remediation:

Reporting : Extended exports with normalized data that enables a broader set of custom tailored reports.

: Extended exports with normalized data that enables a broader set of custom tailored reports. Auditing : Fine-grained access to events and robust authorization management for teams and users. Comprehensive audit logs provide detailed information for audit trails.

: Fine-grained access to events and robust authorization management for teams and users. Comprehensive audit logs provide detailed information for audit trails. Automation : Customizable automation rules allow for efficient scan scheduling, triage and configuration of high-priority vulnerabilities.

: Customizable automation rules allow for efficient scan scheduling, triage and configuration of high-priority vulnerabilities. SBOM: Scheduling of SBOM scans and reports, retrieving detailed information on components and their licenses. All on a per branch basis and offering exports of the SBOM reports in multiple formats.

“The open-source CLI tool (KDT) simplifies integrating the Kondukto Platform into complex DevSecOps environments, whether cloud-based or on-premise,” says Cenk Kalpakoğlu, CEO & Co-founder of Kondukto Inc. “With the Kondukto API v3, we’re taking another big step toward enabling our customers to implement a policy-as-code approach to secure their applications at scale.”

The v3 of the Kondukto API is set to be generally available later in September 2024.

About Kondukto Inc.

Kondukto is one of the fastest growing startups in the important application security (AppSec) category. Founded in 2019, Kondukto has been backed by renowned Seed stage investors 500 Startups and ScaleX. The Kondukto Platform is emerging as a leading ASPM solution for AppSec teams around the world. It supports customers in their AppSec Transformation efforts, vulnerability management, and the collaboration between developer and operations teams. Customers benefit from increased team productivity, focus, and insights they need to secure their organization’s applications.

