How This AI-Powered Medical Software Company Reduced SBOM Documentation Time by 90%
AI-powered nutrition platform Nutrino Health was looking for a way to manage thousands of items across their software supply chain, including open-source software, off-the-shelf software (OTS), and other Software of Unknown Provenance (SOUP). Generating an FDA-compliant Software Bill of Materials (SBOM) was consuming considerable developer time, impeding the pace of development and lengthening the time to market.
Impact
- 90%: Reduction in SBOM documentation time
- 422 million: People in the world living with diabetes
- 100+: Inputs for integrations with apps, wearables, devices, and datasets
Industry: Diabetes, Nutrition
Device Type: Medical Device Data System
Tech Stack: Jira, GitHub
Pain Points
Burdensome, Labor-Intensive Manual Documentation
DevOps and Quality teams were dedicating countless hours to manual SBOM generation and software supply chain risk management for open-source software. This exhaustive effort not only drained valuable time but also exposed them to risks like overlooking vulnerabilities, developer turnover, and potential compliance audit failures.
The Ketryx Solution
Simplifying the Software Supply Chain
Nutrino sought a developer-centric solution to streamline and secure SDLC management and selected Ketryx to achieve the following objectives:
- Automatic Document Generation: Ketryx seamlessly generates supplier data for SOUP and OTS, including manufacturer names and known anomaly lists, and integrates it with risk management information. Automating document generation replaced tedious manual processes, significantly increasing productivity.
- Risk Management: Ketryx provides an intuitive platform for effective risk management that includes security and reliability assessments, simplifying FDA-required risk analysis for OTS.
- Developer and Quality Productivity: Ketryx’s automated monitoring and notification system for attempted changes in the source code saves valuable time for R&D and Quality teams, who no longer have to manually find and input vulnerabilities.
Business Outcomes
Proactive Management of Software Vulnerabilities and SBOM
With Ketryx, the Nutrino team quickly realized several key benefits:
- Reduced Documentation Time: Reduced SBOM documentation time by 90%, saving valuable developer time by generating an SBOM instantly.
- Expedited Development with a Risk-Based Approach: Shortened time to market and sped up development through risk-based management of SOUP, open-source software, and vulnerabilities, releasing software faster and more frequently.
- Increased Cybersecurity: Shifted left to address potential vulnerabilities earlier in the development process, enhancing product quality, security, and efficiency.
“Ketryx empowered Nutrino to accelerate the adoption of OTS software and SOUP, ensuring confidence in our ability to proactively identify high-risk components and address potential issues early in the premarket submission cycle. This streamlined SDLC process has enabled us to deliver innovative and safe diabetes solutions much more rapidly.”
Chen Weitz
Senior Engineering Director