Infoglobez
Live Coverage
Sign in Sign up
Trending: Champions League Transfer News Premier League World Cup
Infoglobez
AI & ML

Elevating Software Security: Insignary's Binary-Level Analysis for Accuracy in SBOM

Insignary Clarity enhances software supply chain security by validating Software Bills of Materials (SBOMs) at the binary level, addressing critical compliance challenges.

Jul 07, 2026 | 3 min read
Sign in to save

Traditional software composition analysis (SCA) approaches often focus on what's declared by developers rather than what’s actually in production. Insignary Clarity tackles this issue head-on by employing patented binary analysis technology that examines the software that gets built, shipped, and deployed.

Insignary, a Toronto-based cybersecurity firm, has made its mark with its binary fingerprint technology, featuring in multiple Gartner research reports. This month, the company was recognized as a Sample Vendor for Reachability Analysis in the Gartner Hype Cycle for Secure Software Engineering, 2026.

Gartner's findings underscore an important point: While many open-source and third-party components may harbor vulnerabilities, not all directly impact a given codebase. Reachability analysis is thus essential for prioritizing these vulnerabilities based on their actual exploitability.

As organizations increasingly adopt AI-driven coding tools, the challenge of managing open-source components becomes even more critical. A recent survey by Venafi found that 92% of security decision-makers express concerns about AI-generated code, with 63% considering outright bans due to security risks. The U.S. National Vulnerability Database recorded over 48,000 vulnerabilities in 2025—roughly 130 daily—revealing the pressing need for effective scrutiny of software components.

The Limitations of Current SCA Tools

Many traditional SCA tools rely on developers' depictions of their software, missing critical components that are generated or utilized without being formally declared. AI-generated code, third-party binaries, and vendor libraries often bypass package managers and don’t appear in any manifest, leading to incomplete oversight.

Taek Wan Kim, Insignary's President & CEO, highlights, “As software supply-chain regulations increasingly depend on SBOMs, the ability to validate software at the binary level becomes essential for organizations operating in regulated industries and critical infrastructure." This sentiment echoes a broader industry push for better transparency.

Introducing Insignary Clarity

Insignary Clarity addresses these transparency issues by providing comprehensive scanning capabilities that capture both source code and binary data. This dual approach allows for the creation of a complete Software Bill of Materials (SBOM), which details all the components involved in application deployment.

  • Binary SCA: This feature identifies open-source components, vulnerabilities, and license obligations directly from compiled binaries without needing either the source code or package manifests.
  • AIBOM Generation: Insignary Clarity generates an AI Bill of Materials for software that includes AI-generated or AI-assisted code, ensuring full visibility into components that may otherwise bypass standard declarations.
  • Reachability Analysis: By determining which vulnerabilities impact executable code paths, this feature helps organizations prioritize risks better than merely counting CVEs.
  • Continuous Vulnerability Alerting: The platform monitors SBOMs against new vulnerability databases and generates alerts for newly disclosed CVEs that affect deployed components, all without requiring rescans.

These elements contribute to the notion that an SBOM is foundational for managing the complexity and maintainability of modern software.

Acknowledgment from Gartner and Beyond

Insignary has recently received recognition in four Gartner research reports, including the Hype Cycle for Secure Software Engineering and the Hype Cycle for Application Security. Their growing credibility is reinforced as the demand for accurate SBOMs surges globally.

Responding to Global Software Supply Chain Standards

Insignary Clarity's functionalities align with various global regulations aimed at enhancing software supply-chain security:

  • The U.S. Executive Order 14028 mandates that software sold to government entities includes independently verified SBOMs, thus increasing scrutiny on vendor capabilities.
  • Under FDA Section 524B, all premarket submissions for connected medical devices must include a binary-verified SBOM encompassing all compiled software components.
  • In Canada, the upcoming Bill C-8 Critical Cyber Systems Protection Act, effective June 2026, will impose mandatory risk management practices for sectors such as banking and telecommunications.

This compliance extends beyond North America, interfacing with frameworks like CISA and NSA SBOM guidance, NIST's Secure Software Development Framework, and other regional regulations including Australia's Information Security Manual.

Adoption and Trust Across Industries

Insignary’s solutions have found their way into various sectors, signaling trust from both government and global enterprises. BearingPoint, a leading European consulting firm and strategic investor in Insignary, distributes its solutions throughout Europe. Cybertrust Japan, along with its reseller partner TechMatrix, promotes adoption within Japanese manufacturing sectors through a dedicated SBOM initiative.

The client listing includes a plethora of organizations across industries like electronics, defense, finance, automotive, manufacturing, and healthcare, highlighting the versatility and applicability of Insignary's offerings.

About Insignary: Insignary Inc. specializes in binary composition analysis, providing organizations with tools to identify software components and risks at the binary level without granting access to source code. Their platform not only verifies deployed software contents but also aids in managing risks associated with AI and advanced software development environments.

Website: https://insignary.com/

Full report: Gartner Hype Cycle for Secure Software Engineering, 2026

References:

  1. Gartner, Hype Cycle for Secure Software Engineering 2026
  2. Venafi, “Machine Identity Management Development Survey,” 2024
  3. Gartner, “Emerging Tech: A Software Bill of Materials Is Critical to Software Supply Chain Management.”
Contact

Principal Solutions Architect

Jessica DY Lee

Insignary

[email protected]

Source: James Davis · www.csoonline.com
Sign in to join the discussion.