About
Timesys offers solutions for building, securing, and maintaining embedded Linux, Android, and open-source operating systems. Their services include SBOM Management, Vulnerability Monitoring, and Remediation, specifically tailored for embedded software markets. Additionally, they provide development tools that support SBOM generation. Their team also offers bespoke engineering services, test automation, and remote access infrastructure to enhance client control and security. Timesys focuses on supporting mission-critical applications with a modular approach ensuring security and compliance in software management.
Related Vendors
Kusari describes the Kusari Platform as a "software supply chain security platform" aimed at DevSecOps teams. The site emphasizes SBOM-related capability with phrases such as "enrich your SBOMs", "Never Drop The SBOM", and guidance on SBOM tooling. Messaging highlights visibility into "every level of your open source code and its dependencies," and positions the product to "know your software, fix what matters, and prove you’re in control." The site also references security earlier in the development lifecycle ("Security at the Pull Request") and claims to "secure every link in your software supply chain." The content references commercial and open source partners.
hoop.dev presents an offering described as Automated Access with Data Protection and references HoopAI in the context of AI audit readiness and AI compliance. The site highlights SBOM-related ideas — noting that SBOM updates on every build and that modern SBOM tools are embedded in the build process. Messaging targets developer security (DevExSec) with a webinar titled “DevExSec - Secure Access that Boosts DevEx,” and offers a whitepaper download. The site includes commercial calls-to-action and pricing language ("Pricing Let's Talk" / "START NOW AND EXPERIENCE THE DIFFERENCE"), indicating a productized, contact-sales offering rather than purely informational content.
Scribe Security provides an end-to-end software supply chain security platform that automates evidence collection, signing, and verification across the build process. It integrates collectors with CI/CD to generate SBOMs and provenance records, gather scanner results, pipeline posture, and process context, cryptographically sign evidence, create attestations, and build lineage trees. Collected evidence (never the code itself) is encrypted and transferred to the cloud where it is parsed, correlated, and connected into a knowledge graph to create a signed, tamper‑proof audit trail for every build. AI‑agentic workflows perform analysis, prioritization, and auto-remediation. Customers can manage risk, deploy policy gates, track performance, and operate from the ScribeHub dashboard to maintain software trust and compliance.