New Service from Leader in Attack Surface Management Enables Businesses to Show Quick Compliance to Maintain Government Contracts
SAN FRANCISCO, CA – November 12, 2020 – Today, Expanse, the leader in attack surface management, announced dedicated capabilities to help companies quickly comply with Section 889, a government mandate to eliminate certain Chinese-made hardware from the enterprise and from supply chains. Expanse’s technology identifies prohibited equipment by fingerprinting 889-relevant assets and continuously scanning to identify violations based on IP address and manufacturer – with this new offering, customers will instantly get a summary report with a prioritized list of banned assets, along with email notifications of new instances of violations.
Section 889 of the FY2019 National Defense Authorization Act effectively bans technology made by five Chinese companies: Huawei, ZTE, Dahua, Hikvision, and Hytera. Section 889 part (A) prohibits the USG from buying any equipment, system or service that includes equipment or services from those banned Chinese technology or surveillance companies. Part (B) requires that federal government contractors certify that their entire global supply chain, not just the part of the business that contracts with the U.S. government, is excised of equipment, system or service from those banned Chinese technology or surveillance companies. Expanse can automatically notify customers of noncompliance and flag them for fast resolution.
“Ultimately, the regulations bring to light two critical issues: No one has enough visibility into their networks nor their supply chain, and legislators don’t fundamentally grasp the nuanced technical challenges that decoupling will require,” explained Tim Junio, Expanse co-founder and CEO. “Today, complying with 889 is a heavily manual process requiring companies to run through a procurement manifest to see what matches against banned technologies. Expanse’s new capability dramatically eases the workload and cost to comply with Section 889.”
Expanse customers can ensure compliance and retain defense contracts, thanks to:
- Complete visibility: Expanse can identify full manifests exposed via the internet and the manufacturer regardless of brand name.
- Reduced cost of compliance: Expanse reduces manual effort required to identify and label noncompliant assets. Further, automated issue reporting capability facilitates auditor reporting.
- Time to value: Expanse can quickly provide full capabilities.
Expanse protects the world’s most important organizations by discovering risks on the Internet that no one else can find. Expanse customers comprise more than 10% of the routable Internet and rely on Expanse to discover, evaluate, and mitigate their global Internet attack surface. Using patented data collection, processing, and analysis technology, Expanse reduces risks associated with Internet assets and enables a secure digital transformation for the world’s largest organizations. Founded in 2012, Expanse is headquartered in San Francisco and is backed by more than $135M in funding. Request a demo at www.expanse.co.