Medcrypt announces its partnership with Tidelift, a provider of solutions for improving the security and resilience of the open-source software powering modern applications. This partnership aims to strengthen medical device security by leveraging data to offer advanced security solutions to customers, ensuring devices stay safe throughout their entire lifecycle.
For MDMs, the upcoming U.S. Food and Drug Administration’s (FDA) deadline of October 1 is a critical milestone, mandating the adoption of software bill of materials (SBOM) analysis for all regulated devices, according to Section 524B(b)(3) of the Federal Food, Drug, and Cosmetic Act.
To address this challenge, Medcrypt and Tidelift are collaborating to offer MDMs a robust vulnerability management solution that meets stakeholder needs and enables enhanced post-market vigilance. The partnership provides access to share granular data verified by Tidelift’s partner network of independent maintainers, which will ultimately make device makers better equipped to triage vulnerabilities.
By leveraging Tidelift’s data, Medcrypt advances its Helm solution; this partnership expands the data provided to customers, making a significant impact on post-market vigilance.
“We understand the urgency facing medical device manufacturers in meeting the FDA deadline,” said Om Mahida, VP of product at Medcrypt. “Together with Tidelift, we’re excited to present an enhanced vulnerability management solution that enables MDMs to proactively manage vulnerabilities.”
This collaboration arms MDMs with a powerful security framework capable of withstanding ever-evolving threats. By co-creating a set of evidence for upstream open source package secure development practices and continuously updating these certifications, the joint solution empowers manufacturers to not only meet the regulatory deadline but maintain a dynamic vulnerability program that safeguards medical devices in an evolving threat landscape.
“At Tidelift, we’re committed to providing the highest-quality data and tools to our customers,” said Donald Fischer, co-founder, and CEO of Tidelift. “Partnering with Medcrypt allows us to expand our reach and impact in the healthcare industry, enhancing medical device security and raising the bar for cybersecurity standards.”