NetRise has launched a Discovery Partner Program to expand access to its software supply chain security products through external partners.
The program targets value-added resellers, managed security service providers, distributors, technology alliances, and strategic consultants as NetRise broadens its route to market through channel and services relationships.
The structure has three areas: channel and distribution growth, technology ecosystem alliances, and federal and strategic consulting partnerships. These are designed to support sales through resellers and service providers, product integrations with other vendors, and adoption in government and regulated markets.
The scheme includes two partner tiers. Accelerator Partners are specialist firms that invest in training and show consistent sales performance. Vanguard Partners are top-tier organisations that exceed revenue targets, bring deeper technical expertise, and promote NetRise in their sectors.
The launch reflects a broader push by cybersecurity vendors to rely more heavily on partner ecosystems to reach customers seeking advisory, implementation, and managed services alongside security software. In software supply chain security, that demand has grown as organisations try to identify risks in compiled software, firmware, and other components that sit outside conventional code analysis tools.
Thomas Pace outlined the rationale for the program.
"Organisations need more than tools. They need strategic and implementation support from those who understand how to operationalize software supply chain security," said Thomas Pace, Co-Founder and CEO, NetRise.
He added: "Our Discovery Partner Program provides the expertise, training, and enablement required to deliver meaningful outcomes. Combining the NetRise Platform and NetRise Provenance with our partner ecosystem, we help organizations assess, manage, prioritize, and reduce real software risk."
Partner services
Partners in the program will also be able to offer services built around NetRise products. These can include third-party risk reporting, device assessments, threat hunting, penetration testing, vulnerability and patch management, product security as a service, and attack surface management audits.
That services layer is likely to matter for customers in sectors with complex software inventories, where security teams need help understanding exposure across products they build, buy, or operate. NetRise focuses on identifying components inside binary images across firmware, kernels, operating systems, containers, and applications.
Several partner organisations backed the launch, including Squadra Solutions, World Wide Technology, and VulnCheck. Their comments highlight the role NetRise expects partners to play in combining its products with consulting, systems integration, and threat intelligence services.
"NetRise's platform fills one of the most urgent gaps in enterprise and federal cybersecurity-the inability to see and manage risk in compiled software," said Joe Kim, EVP Engineering & CTO, Squadra Solutions.
He added: "This program empowers partners like us to deliver measurable, real-world impact through modern software supply chain defense."
World Wide Technology also pointed to demand from organisations building and running large-scale security programmes.
"As a global solutions provider, World Wide Technology is focused on helping organizations design, implement and operationalize complex security programs at scale," said Charley Summers, Principal Consultant, GSP Strategic Solutions, WWT.
He added: "We continuously evaluate technologies that enable our clients to strengthen their risk posture in meaningful ways. NetRise represents one such capability, providing differentiated visibility and risk management at the software and firmware layers, helping organizations address foundational security risks from the ground up."
Security focus
The company's pitch centres on a long-standing supply chain security problem: knowing what is actually present inside software artefacts and whether those components create exposure. NetRise says its technology is designed to identify hidden dependencies, cryptographic artefacts, misconfigurations, and secrets that may not be visible through source-based tools, vendor software bills of materials, or questionnaires.
VulnCheck framed the relationship as a way to connect software visibility with intelligence on active threats.
"The complexity of modern software supply chains requires a 'trust but verify' approach," said Anthony Bettini, CEO, VulnCheck.
He added: "NetRise identifies what is actually inside the compiled code, and VulnCheck provides the context of how those components are being attacked. Together, we bridge the gap between visibility and defense, helping partners secure their customers' most critical assets."
Robbie Robbins, VP of Partnerships, NetRise, said the program is designed to combine the vendor's products with the domain expertise of service partners. That is a common model in cybersecurity markets, where customers often buy technology alongside advisory and operational support.
"Supply chain attacks continue to escalate, and there's never been a greater need to understand the reach of software supply chain compromises, combined with the ability to identify exposure in your software asset inventory quickly," said Robbie Robbins, VP of Partnerships, NetRise.
He added: "Through our partner ecosystem, we pair NetRise's software supply chain security product portfolio with our partners' services and domain expertise to help organizations close security gaps faster and with greater confidence. The Discovery Partner Program reinforces our commitment to a partner-first model while helping organizations reduce software supply chain risk at scale."