Helm features

What is Helm?

Helm is a comprehensive Software Bill of Materials (SBOM) and vulnerability management tool designed especially for medical device manufacturers (MDMs) to provide full visibility over your software supply chain and help you prioritize and remediate cybersecurity risks effectively. You can also track multiple software versions across devices, enabling you to easily handle the complex needs of medical devices with long lifespans and infrequent updates. Learn more about how Helm helps you meet FDA cybersecurity expectations.

Key features

FDA compliance

Supports NTIA and FDA cybersecurity requirements for SBOMs.
Provides tools for Secure Product Development Framework (SPDF).

Broad ecosystem visibility

Tracks both open-source software (OSS) and commercial third-party software.
Supports real-time operating systems (RTOS) and other operating systems to give a comprehensive view of your software ecosystem.

SBOM management

Handles SBOMs from open source, commercial tools, and manual uploads.
Supports CycloneDX and SPDX formats.
Matches your software against the National Vulnerability Database (NVD) and package managers using advanced normalization techniques. For example, Helm will normalize values such as “windows10”, “windows_10”, and “win 10” to the official value, such as Windows 10.
Manage component licenses. Import or manually add license information. Helm can also add missing license information.
Auto-enriches inaccurate or missing CPEs and PURLs.
If we can't identify a match in the NVD, you can create aliases to match components to software in the NVD. These will be auto-matched for all future SBOMs.
Quickly assess which products contain a particular vulnerable component.

Vulnerability management

Identifies impacted devices instantly during major vulnerabilities like Log4j or WannaCry on Helm's comprehensive dashboard. Helm's dashboard enables you to quickly remedy your most impacted products.
Zero in on critical vulnerabilities.
Track progress on unremediated vulnerabilities.
Prioritize and remediate quickly via continuously monitoring and updating of vulnerability severity, exploitability, Windows KB recommendations, and more.
Supports CVSS 2, CVSS 3.x, and EPSS severity and exploitability prediction scores. Learn more on CVSS.
Rescore vulnerabilities in bulk or individually to align with your product's environment and use.
Remediate vulnerabilities in bulk or individually.
Quickly assess whether your products are impacted by a particular vulnerability.
Get daily, weekly, or monthly vulnerability email digests to stay on top of the latest threats.

Regulatory reporting

PreviousHelm help center home NextQuickstart process

Last updated 11 days ago

What is Helm?

Key features

FDA compliance

Supports NTIA and FDA cybersecurity requirements for SBOMs.

Provides tools for Secure Product Development Framework (SPDF).

Broad ecosystem visibility

Tracks both open-source software (OSS) and commercial third-party software.

Supports real-time operating systems (RTOS) and other operating systems to give a comprehensive view of your software ecosystem.

SBOM management

Handles SBOMs from open source, commercial tools, and manual uploads.

Supports CycloneDX and SPDX formats.

Matches your software against the National Vulnerability Database (NVD) and package managers using advanced normalization techniques. For example, Helm will normalize values such as “windows10”, “windows_10”, and “win 10” to the official value, such as Windows 10.

Manage component licenses. Import or manually add license information. Helm can also add missing license information.

Auto-enriches inaccurate or missing CPEs and PURLs.

If we can't identify a match in the NVD, you can create aliases to match components to software in the NVD. These will be auto-matched for all future SBOMs.

Quickly assess which products contain a particular vulnerable component.

Vulnerability management

Identifies impacted devices instantly during major vulnerabilities like Log4j or WannaCry on Helm's comprehensive dashboard. Helm's dashboard enables you to quickly remedy your most impacted products.

Zero in on critical vulnerabilities.

Track progress on unremediated vulnerabilities.

Prioritize and remediate quickly via continuously monitoring and updating of vulnerability severity, exploitability, Windows KB recommendations, and more.

Supports CVSS 2, CVSS 3.x, and EPSS severity and exploitability prediction scores. Learn more on CVSS.

Rescore vulnerabilities in bulk or individually to align with your product's environment and use.

Remediate vulnerabilities in bulk or individually.

Quickly assess whether your products are impacted by a particular vulnerability.

Get daily, weekly, or monthly vulnerability email digests to stay on top of the latest threats.

Regulatory reporting