Security Assessment Management System



HERCULES SecSAM is a Security Assessment Management System that effectively solves open-source software (OSS) risk control, Software Bill of Materials (SBOM) management, and other complex issues. Using the Cybersecurity Bill of Materials (CBOM) as the technical framework for risk assessment, it integrates third-party software vulnerability reports (such as source code scanning and vulnerability scanning reports) and the CI/CD tools that interface with the issue tracking management system, and allows users to manage, track, and receive warnings in a more flexible and convenient way on the basis of secure development.


  • Manage vulnerability risk rating based on SBOM and CBOM structure

    Through the establishment and maintenance of SBOMs, CVE analysis, daily automatic updates of vulnerability information, vulnerability report management, and a tracking mechanism, SecSAM effectively monitors the vulnerabilities of products and open-source suites to achieve complete CBOM management.
  • Easily analyze OSS components without source code

    Through firmware analysis (binary analysis) technology, SecSAM analyzes firmware provided by third-party vendors without source code, supports the CPE standard format, and discovers the OSS composition of the product.
  • Support OSS and 3rd party suite license analysis

    By automatically analyzing OSS license types, such as GPL, Apache, LGPL, and more, SecSAM helps customers avoid license disputes.
  • Improve efficiency of vulnerability fix with CI/CD integration

    SecSAM can integrate with current development and management systems and tools to perfect the CI/CD procedure.


  • Easily create SBOMs

    By using automation technology to analyze the composition of OSS in software, SecSAM creates the basis of risk management and improves the security of the software supply chain.
  • Quickly investigate and resolve vulnerabilities

    Through CBOM, SecSAM manages and tracks vulnerabilities in the stages of development, testing, and maintenance, and integrates CI/CD development tools to facilitate instant resolution.
  • Avoid intellectual property disputes

    SecSAM's open-source license analysis can check the license type of OSS components to avoid harming corporate intellectual property interests.
  • Comply with global IoT security standards

    By adopting ioXt Likelihood, the global standard for IoT security, to assess product risk ratings, SecSAM complies with international standard requirements and keeps product risks under control.


Product Awards

  • 2023 Cybersecurity Excellence Awards

    Open Source Security - ASIA Gold Winner
  • 2022 IT World Awards
    Hot Technology of the Year | Security Software

Other Products

  • Cybersecurity E-Learning

    Security Innovation is committed to creating the most appropriate courses and learning experience for each learner, making cybersecurity a part of product development, so that each employee understands the importance of secure software development......
  • Automated Vulnerability Assessment Tool

    HERCULES SecDevice is an automated security assessment tool designed for connected products. It is equipped with functions such as vulnerability testing, fuzz testing, and web security testing.....


Why Onward Security

In-depth Cybersecurity Techniques

  • Uncovered 40+ zero-day vulnerabilities (CVE)
  • Discovered 3000+ IoT product vulnerabilities

Dedicated to IoT Product Security

  • 200+ cybersecurity projects in IoT industry
  • Tested the security of 1000+ IoT products

Global Compliance and Certification Capability

  • 500+ customers / 20+ countries certification obtained
  • Compliance experience in Automotive, Consumer, Industrial, and Medical industry