Software supply chains have become a tasty target for adversaries fueled by successful, high-profile attacks on companies like Solarwinds and Kaseya and open-source offerings like Log4j. Now a software applications security company seeks to address the problem with what it’s saying is the first attack surface management (ASM) product to address threats across the application full stack of APIs, cloud services, SDKs, and open-source software.

Supply Chain Secure, a SaaS solution by Data Theorem announced Wednesday, counters threats with continuous runtime analysis and dynamic inventory discovery that goes beyond traditional source code static analysis and use of a software bill of materials (SBOM), according to the company.