Finite State, vendor of software supply chain security for connected devices, announced on Tuesday its expansion into the Europe, Middle East, and Africa (EMEA) region with the formation of a dedicated team. The move underscores Finite State’s commitment to supporting manufacturers and suppliers in navigating the evolving regulatory landscape and strengthening product security.
The establishment of the EMEA team comes in response to significant market drivers, including the European Union’s Cyber Resilience Act(CRA), NIS 2, and the Radio Equipment Directive (RED), which are reshaping the cybersecurity requirements for connected devices. By expanding its presence in EMEA, Finite State is positioned to provide localized expertise and support to organizations striving to meet these new standards.
“As regulatory frameworks like the EU CRA and CE RED introduce more stringent cybersecurity requirements, it’s imperative for organizations to proactively enhance their product security practices,” said Matt Wyckhouse, CEO of Finite State. “Our expansion into EMEA reflects our dedication to being at the forefront of these changes, offering our deep expertise in embedded product security, SBOM management, and vulnerability assessment to clients in the region.”
Finite State provides software supply chain security solutions for connected devices. Its platform integrates binary analysis, vulnerability management, and compliance tools to help organizations assess and manage risk in the software supply chain. The company serves clients across multiple industries, supporting efforts to build secure and resilient products.
The new EMEA team brings together seasoned professionals with extensive experience in cybersecurity and regulatory compliance. Their focus will be on delivering Finite State’s comprehensive suite of products and services, including:
- Deep Binary Analysis, Source Code Analysis and SBOM Lifecycle Management: Providing a foundation of detailed and accurate insights into software components, libraries, and full asset lifecycle management.
- Comprehensive Vulnerability and Threat Management: The Finite State Platform brings over 250 vulnerability, threat actor, and risk matching sources to identify vulnerabilities and exploitability, which are critical to maintaining regulatory and compliance posture.
- Penetration Testing and Secure SDLC Guidance: Conducting rigorous, full ecosystem testing and offering best practices for integrating security into the software development lifecycle, as well as pre-certification readiness testing and advisory for CE RED, EU CRA, FDA 524B, and the Connected Vehicle Rule.
- Regulatory Compliance Roadmaps: Assisting organizations in aligning with EU and global cybersecurity regulations and standards, such as the EU CRA, CE RED, and the Cyber Trust Mark.
- End-to-End Software Supply Chain Security: Ensuring the integrity and security of the entire software supply chain for connected products.
Finite State’s platform is designed to handle the scale and complexity of diverse product portfolios and extensive software ecosystems, making it an ideal solution for organizations operating in industries such as aerospace and defense, automotive, industrial machinery, telecommunications, healthcare, semiconductors, energy, and consumer electronics.
