RKVST has launched free and subscription-based pricing tiers for its SaaS solution. It claims that this will allow all organisations to collaborate on and share data in real-time. It believes that doing so will increase the trustworthiness of the data.
Jon Geater, chief technology and product officer at RKVST, says: “With the RKVST Free tier, we are making our award-winning enterprise blockchain accessible to the mainstream market. Delivering integrity, transparency and trust to digital supply chains is now available to everyone with a single API call or a single click.
“RKVST ensures that the right data gets to the right place at the right time, matching the speed and complexity challenges of today’s digital infrastructure and delivering the continuous assurance required for zero trust architecture.”
What is the RKVST platform?
The RKVST platform is a SaaS solution designed to provide an immutable digital record of who did what in the supply chain. It claims that this approach “delivers continuous assurance, integrity, transparency and trust in shared asset data.”
It allows everyone in the supply chain to update their data as soon as a change takes place. For example, a shipper arrives to collect goods. The driver checks the consignment against the shipping documents and updates the digital record to say the goods are collected. When they arrive in a warehouse, another check leads to another point of data. This continues all the way to the final delivery of the goods. Everyone knows who touched the goods, when and where.
Solutions tracking the digital supply chain using a permissioned blockchain are not new. IBM has been doing this with Dubai Port and Customs for four years. Other vendors have also worked with drug companies and those transporting high-value goods to ensure the safety of those goods.
Applying this to the Software Bill of Materials
What is of interest here is that RKVST is also targeting the software supply chain and Software Bill of Materials (SBOM). This is a much more complex supply chain, and it allows RKVST to claim it meets the US Presidential Executive Order 14028. That order requires you to know what components are included in a software package.
RKVST makes it easy for developers, testers and support teams to track the components and their state. Software products can be highly complex, with thousands of components depending on how granular you get. With an SBOM you get a complete list of what makes up a software package, even when it is a third-party component.
When a security patch or update from a third-party for a component is issued, an organisation can see if it is using that component. It can then decide whether to apply that patch itself or contact the software supplier to see if there are special instructions for updating that component.
For Managed Service Providers (MSPs) who are supporting many customers, this speeds up remediation of patches and updates. They can see how many customers are using a component, what they are using it for and can schedule an update. They can also work with a customer to ensure that the update does not impact operation of any software.
What are the new tiers?
The two new tiers are RKVST Free and RKVST Team, and there is also RKVST Enterprise. Each tier comes with a set of features that builds on the previous tier by increasing the number of users, API accesses and assets.
The pricing of the new tiers is Free, $499/mo and POA for the enterprise version. More details on what is in each tier can be found here.
What is missing from the free tier is the blockchain transactional immutability. That raises a question for the SBOM. There is an increasing amount of open-source software in the supply chain. Many of those solutions come from small developers who get no financial reward.
The question here is how do you engage them into the blockchain offering if they don’t have access to the blockchain transactional immutability? While they have API access, this separation between the API and the blockchain needs to be explained, and that is missing from the RKVST site.
Enterprise Times; What does this mean?
Anything that improves the visibility of assets and steps in the supply chain is to be welcomed. The more transparent it becomes, the easier it is to trust. For the physical supply chain it also helps reduce fraud and theft and can lead to earlier payments to smaller suppliers.
In the case of the SBOM, this is a really positive step as it is a far more complex problem than many realise. The biggest issue, however, is making sure that engaging with open-source developers ensures they get access to all the features, not a subset that limits to SBOM.
The new free tier is likely to help with that provided that developers are able to see what happens on the blockchain to see what is going on.
