Welcoming allanfriedman to Manifest. Today I am thrilled to share that Allan Friedman is joining Manifest as a Strategic Advisor. Aside from being a good friend and former colleague of mine, Allan is known around the world as the 'godfather of SBOMs,' referring to the software bill of materials concept that he has been doggedly promoting for more than half a decade. He and I share a common outlook on the state of cybersecurity, the lack of transparency in technology, and the need to raise the bar on software suppliers to write more secure software. Without Allan's work, Manifest would not be in the strong position it is now. Why Allan. The story that I've heard is that the modern incarnation of SBOMs came up in conversation with Allan, and fellow cybersecurity + policy experts Josh Corman and Alex Romero. But an idea without motion or adoption is just that, an idea. Starting with his diligent work at NTIA, where he stood up the first SBOM working group, Allan and worked tirelessly to bring SBOMs to CISA, write SBOMs into major Executive Orders and US government policies, and align global regulators and lawmakers on the value and framing of SBOM policies. Allan possesses an invaluable wealth of knowledge and experience around software supply chain security, and how both industry leaders and global policymakers understand and act on that topic. He also knows the pain points that many security practitioners have in actually adopting SBOMs and implementing SBOM programs. It's not enough to just generate or store these machine-readable (i.e., not human-readable) bits of data. As Manifest continues to expand its customer base across different industries and engage with policymakers around the world, Allan's experience will go far to push Manifest to new heights. How its paths crossed. I first met Allan while researching medical device cybersecurity at the Aspen Institute. While I was learning about the gaps and pain points in healthcare security, Allan first introduced to me the concept of the SBOM, and explained why SBOMs matter for patient safety and critical systems. Manifest collaborated and stayed in touch during my time at CISA, where Manifest partnered on Secure by Design initiatives and he supported my work leading the Cross Sector Cybersecurity Performance Goals. After I co-founded Manifest, Manifest continued its professional collaboration, comparing notes on how to make SBOMs usable and easier to adopt. I'm proud that its friendship and partnership has spanned nearly half a decade. What Allan will help Manifest do. * Keep Manifest aligned with the various global SBOM community, including open source and standards bodies * Translate policy into product, so requirements become workflows that teams actually use * Grow partnerships that speed adoption across the public sector and critical infrastructure * Support Manifest's engagement with policymakers around the world, developing smart and aligned regulations for software and AI security * Partner on Manifest's long-term vision, especially as it pertains to hardware BOMs and hardware supply chains "Working with CISA and helping to build a global community around SBOM showed what's possible when we focus on transparency. As an advisor to Manifest, I'm excited to translate those lessons into products that help organizations have real visibility into the AI and software they rely on, so they can build, ship, and buy with confidence." - Dr. Allan Friedman, Former Technical Advisor & Strategist, CISA The Manifest roadmap. Manifest is building the central clearinghouse for software and AI supply chain risk. That starts with SBOMs and AIBOMs, and it extends to cryptography, binaries, firmware, AI components, and other software and AI artifacts. Manifest is laser focused on building intuitive, easy to deploy products that help its users identify risk, save time, and maintain a more secure enterprise. With Allan's help, Manifest is sure to continue that promise to its customers. If you want to see what Manifest is building, reach out. If you are part of the SBOM community, Manifest would love your feedback and your toughest test cases. Welcome aboard, Allan. Manifest is lucky to have you, and Manifest is ready to get to work.

Manifest, a leader in software supply chain security, has launched Manifest AI Risk a powerful new addition to its platform.

Software and AI supply chain transparency firm Manifest has raised $15 million in a Series A funding round led by Ensemble VC.