Medcrypt, Tidelift to Offer Open Source Software Data for Medical Device Manufacturers

This partnership expands the data provided to customers, making a significant impact on post-market vigilance.

I Stock 1435605327
iStock

Medcrypt, a cybersecurity solution provider for medical device manufacturers (MDMs), today announced its partnership with Tidelift, a provider of solutions for improving the security and resilience of the open-source software powering modern applications. This partnership will strengthen medical device security by leveraging data to offer advanced security solutions to customers, ensuring devices stay safe throughout their entire lifecycle.

For MDMs, the upcoming U.S. Food and Drug Administration's (FDA) deadline of October 1 is a critical milestone, mandating the adoption of software bill of materials (SBOM) analysis for all regulated devices, according to Section 524B(b)(3) of the Federal Food, Drug, and Cosmetic Act. To address this challenge, Medcrypt and Tidelift are collaborating to offer MDMs a robust vulnerability management solution that meets stakeholder needs and enables enhanced post-market vigilance. The partnership provides access to share granular data verified by Tidelift's partner network of independent maintainers, which will ultimately make device makers better equipped to triage vulnerabilities.

By leveraging Tidelift's data, Medcrypt advances its Helm solution; this partnership expands the data provided to customers, making a significant impact on post-market vigilance.

"We understand the urgency facing medical device manufacturers in meeting the FDA deadline," said Om Mahida, VP of Product at Medcrypt. "Together with Tidelift, we're excited to present an enhanced vulnerability management solution that enables MDMs to proactively manage vulnerabilities."

This collaboration gives MDMs with a security framework capable of withstanding threats. By co-creating a set of evidence for upstream open source package secure development practices and continuously updating these certifications, the joint solution empowers manufacturers to not only meet the regulatory deadline but maintain a dynamic vulnerability program that safeguards medical devices in an evolving threat landscape.

More in Equipment