RunSafe is now a verified publisher on Iron Bank, providing SBOM generation, SCRM, and code protection for Department of Defense software that is compliant and resilient.

RunSafe Security, a pioneer of cyberhardening technology for embedded systems across critical infrastructure, today announced that the RunSafe Security Platform is now available on Iron Bank, the Department of Defense’s (DoD) hardened repository of pre-assessed and approved development, security, and operations (DevSecOps) solutions. As a verified Iron Bank publisher, RunSafe Security’s platform will provide DoD teams with access to Software Bill of Materials (SBOM) generation, supply chain risk management (SCRM), and code protection within a trusted ecosystem.

Iron Bank is built to help defense programs quickly deploy new tools without spending months navigating approval processes. Every product listed on Iron Bank goes through rigorous security assessments, container hardening, and compliance validation. Because the containers are scanned daily for vulnerabilities, DoD teams gain access to resilient tools that keep the software supply chain secure and allow software to be deployed faster. With RunSafe listed as a verified publisher, DoD teams and integrators can now access the company’s platform directly from Iron Bank, making it easier for defense programs to integrate.

“The DoD’s software requirements have changed significantly in the past several years, from the Army SBOM mandate to new initiatives like Software Fast Track. The focus is on accelerating the delivery of secure, trustworthy code to the field,” said Joseph M. Saunders, Founder and CEO of RunSafe Security. “By bringing the RunSafe Security Platform to Iron Bank, we’re giving defense programs a direct path to meet those expectations with less friction. Teams can now access our SBOM, SCRM, and binary protection capabilities inside a DevSecOps ecosystem they already trust.”

The RunSafe Security Platform addresses some of the toughest challenges in embedded software security. Through the company’s platform on Iron Bank, organizations can access:

• C/C++ SBOM Generation - RunSafe provides the authoritative build-time SBOM generator for embedded systems and C/C++ projects. Automating SBOM generation is critical for meeting DoD requirements, especially for unstructured C/C++ code where traditional SBOM tools fall short.
• Supply Chain Risk Management - SCRM capabilities enable DoD teams to take action, not just generate a static SBOM. Teams can monitor for new vulnerabilities and check license enforcement and provenance. Additionally, RunSafe’s binary analysis identifies potential zero-day risks, helping organizations to rely not only on CVEs but also to quantify the risk of future weaknesses that attackers could target.
• Runtime Code Protection - RunSafe hardens binaries against exploitation through moving target defense, such as Runtime Application Self Protection (RASP), defending weapons systems at runtime to increase resilience. This resilience applies to future zero days as well, providing fielded weapon systems protection between software upgrade cycles that can be two years apart.

For organizations working to modernize DevSecOps practices, automate SBOM generation, or secure embedded systems without code rewrites, RunSafe containers are available on Iron Bank by logging in and accessing the Iron Bank repository here.

To request a consultation to learn more about the RunSafe Security Platform and Iron Bank, please visit https://runsafesecurity.com/consultation-request/.

RunSafe Security Attending 2025 Alamo Cybersecurity Exposition (ACE) in December

Additionally, RunSafe Security is attending the 2025 Alamo Cybersecurity Exposition (ACE), an annual conference produced by the Alamo Armed Forces Communications and Electronics Association (AFCEA). The Exposition will take place from December 2–5, 2025, at the JW Marriott San Antonio Hill Country Resort & Spa in San Antonio, Texas. Alamo ACE is an annual event that supports the military community and provides access and insight into key senior leaders’ perspectives on current developments in cyberspace. To arrange a meeting with a member of the RunSafe Security team, contact: staci@runsafesecurity.com.

About RunSafe Security

RunSafe Security protects embedded software across critical infrastructure, delivering automated vulnerability identification and software hardening from build-time to runtime to defend the software supply chain and critical systems without compromising performance or requiring code rewrites. The RunSafe Security Platform includes the authoritative build-time SBOM generator for embedded systems and C/C++ projects, automated vulnerability identification and risk quantification, license compliance, and patented memory relocation techniques to mitigate memory-based vulnerabilities.

Headquartered in McLean, Virginia, with an office in Huntsville, Alabama, RunSafe Security’s customers span the aerospace and defense, energy, operational technology, industrial automation, transportation and automotive, medical device, and high-tech manufacturing verticals.

View source version on businesswire.com: https://www.businesswire.com/news/home/20251120010809/en/