Secuzine

Trusted by Global Leaders, Proven by Excellence

HEEJO LEE

CEO, Labrador Labs

“Our first goal is to expanding global markets, including US that we already have our headquarter and also a few significant customer cases, also to Europe, Japan, and China as the cybersecurity and software composition analysis market will grow globally”

Businesses have always faced the looming threat of software security vulnerabilities within the fast-moving digital evolution of today. This can bring disastrous breach-inclined breaches for companies due to just a minuscule flaw in any of their supply chains. Today, there is an increasing need for solutions to help organizations detect vulnerabilities with accuracy and exchanges of software with better management of SBOMs, along with accurate analysis, streamlined patching, and secured supply chain management.

Labrador Labs is the pioneers of software composition analysis (SCA) and SBOM security. Founded in 2018 as a spinoff from the Center for Software Security and Assurance (CSSA) of Korea University, the company has a solid base in academia combined with practical innovation. Co-CEO Heejo Lee also serves as Chief Director at CSSA and works closely with security research teams from Carnegie Mellon, ETH Zurich, and Oxford University, who share in the mission to advance the state of software security.

Labrador Labs specializes in providing cutting-edge software composition analysis (SCA) tools designed to meet the rigorous demands of its diverse customer base. Major clients, including Samsung Electronics, LG Innotek, POSCO, and the Ministry of National Defense of Korea, have trusted Labrador Labs to safeguard their software environments. Additionally, global players like Intuitive Surgical and other high-profile U.S. companies have relied on Labrador Labs for its precision and innovation in software security.

At the core of Labrador Labs’ offerings is its patented 3-layer analysis technology, which significantly improves the accuracy of vulnerability detection. Addressing the critical needs of customers, Labrador Labs also provides pinpoint patch backporting, offering tailored patch codes that target only vulnerable areas of the software. Furthermore, the Labrador Patch Prioritization (LPP) algorithm enhances vulnerability management by complementing the CVSS, ensuring the most critical vulnerabilities are addressed efficiently.

A key differentiator for Labrador Labs is its customer-first approach. The company places immense importance on customer convenience and support. Beyond installation, Labrador Labs maintains ongoing engagement with its customers, monitoring usage and gathering feedback to ensure seamless and stable operation. This commitment to service excellence is a major reason why customers opt for multi-year renewal contracts, with most extending for three years at a time, demonstrating their confidence in Labrador Labs’ solutions.

Labrador Labs also leads the way in supply chain security with its innovative SBOM exchange platform, Labrador SCM. As software supply chains become increasingly complex, the need for accurate and efficient SBOM (Software Bill of Materials) exchanges is more pressing than ever. Labrador SCM allows manufacturers and suppliers to securely share SBOMs using hash-encrypted data, ensuring the confidentiality and integrity of their source code. The platform supports popular SBOM formats like Cyclone-DX, SPDX, and NIS-SBOM, making it user-friendly and adaptable to the unique needs of its clients.

What sets Labrador SCM apart is its modular design, allowing customers to build customized features based on their specific integration needs. Whether it’s SVN integration or a more streamlined solution, Labrador SCM offers the flexibility to be tailored to each client’s requirements. The platform’s ease of use and security features help mitigate risks, simplify version control, and respond to evolving regulatory requirements.

IVAS (Integrated Vulnerability Analysis System) is another flagship product from Labrador Labs. More than just a vulnerability detection tool, IVAS is a comprehensive management platform that enables users to take immediate action on identified vulnerabilities. The system automatically scans repositories every hour and notifies managers when new vulnerabilities are found, assigning responsibility and setting action deadlines to ensure accountability. With IVAS, customers can manage vulnerabilities and their teams effectively, streamlining security management across their organizations.

Labrador Labs’ newest solution to bring greater innovation to supply chain management is Labrador Server Care. Labrador Server Care finds open source vulnerabilities on servers in operation. Labrador Server Care can analyze which open source libraries each SW library installed on your server depends on. It connects to a global database of open source vulnerabilities and alerts you to vulnerabilities in your server SW whenever new CVEs are released.

IT administrators around the world knew about the dangers of the Log4J vulnerability in 2022, but were unable to identify which servers the library was running on. The U.S. Cybersecurity Review Board estimated that it would take 10 years to remove Log4J from software in operating servers. Even though the vulnerability has been publicized and exploited by hackers, there are still many servers that have not been patched. Organizations care about security during SW development, build, and deployment. However, they don’t manage vulnerabilities while the software is installed and operating on the server. Vulnerabilities are checked when the software is first installed on the server, but it is not easy to track and manage once it is in operation.

With Labrador Server Care, organizations can easily analyze and respond to the latest open source vulnerabilities as they are discovered.

As the global SCA market continues to expand, Labrador Labs aims to solidify its presence in key markets such as the U.S., Europe, Japan, and China. The company is evolving toward becoming an Application Security Posture Management (ASPM) provider, with plans to integrate real-time analysis for operating software and server management. Labrador Labs is also exploring the use of AI technology to enhance data collection and analysis, providing even more precise security solutions.

Our first goal is to expanding global markets, including US that we already have our headquarter and also a few significant customer cases, also to Europe, Japan, and China as the cybersecurity and software composition analysis market will grow globally” says Mr. Lee.

Recognized for its groundbreaking work, Labrador Labs has earned numerous awards, including the 2023 SCA Notable Vendor title in the Forrester Landscape and the 2020 Korea Outstanding Patent Award. With headquarters in Seoul, Korea, and Roseville, California, Labrador Labs continues to be a global leader in software security, driving innovation and excellence in the ever-evolving landscape of cybersecurity.

Labrador Labs serves a diverse range of clients across the globe, including Intuitive Surgical, Auction Edge, Marcum Technologies, GNSOL, Naviga Global, Borealix, Praxis Global, BellXcel, Lima One Capital, and TD Jakes in the U.S. and overseas markets. In South Korea, notable clients include Samsung Card, Samsung Securities, Samsung Fire & Marine Insurance, BNK System, POSCO, the Incorporate Bank of Korea, and the Ministry of Defense of Korea. Labrador Labs has earned several prestigious accolades, including being named a 2023 SCA Notable Vendor in the Forrester Landscape, receiving the 2022 New Software Product Award from the Minister of Science and ICT, and winning the 2020 Korea Outstanding Patent Award in the first half of the year.

With a solid foundation in research, innovative technologies, and a customer-centric approach, Labrador Labs is shaping the future of software security on a global scale.