Spectra Assure Free Trial
Get your 14-day free trial of Spectra Assure for Software Supply Chain Security
Get Free TrialMore about Spectra Assure Free TrialWith an end-user population of roughly 18,000 and increasing geopolitical threats and privacy concerns, the City’s Security Operations team faces an ever-increasing influx of risks amidst an accelerating volume of requests from end users to download and deploy untested third-party commercial software. Furthermore, the City’s costs are meticulously reported, and team headcount increases are virtually impossible. The existing team is expected to maintain operational tempo despite increasing risks and legislated involvement with all RFPs and software requests, while their days are consumed developing controls around emerging capabilities such as AI.
Spectra Assure allows the team to optimize their approach to software requests, thus reducing risk while freeing up cycles for the team to remain nimble and responsive to an increasing volume of inquiries.
The City’s holistic approach to risk allows the Citizens to realize more value and better risk-avoidance from a cyber team that’s smaller than that of many comparable cities.
Security Leader, Canadian Municipal GovernmentSharing the SAFE report really works. We’ve had vendors thank us for letting them know, and affirm that they’ll fix the issue.
The ease of sharing the Spectra Assure SAFE Report, which highlights items exceeding the City’s risk appetite, has revolutionized interactions with some of the City’s vendors. Unlike several years ago when entire weeks were consumed asking “where’s Log4j?”, the City knows where COTS risk resides and can make targeted requests for vendors to address specific risks instead of spamming emails to the entire vendor constellation every time there’s an emerging risk.
The City’s cyber team uses Spectra Assure to analyze commercial and freemium software packages requested by their end users to determine if a software package is safe to deploy. SAFE reports provide requestors with a consistent basis of understanding regarding why a requested package may be denied or granted a temporary exception pending vendor engagement.
The shareable Spectra Assure SAFE Report provides the Security and Risk staff a means to identify and report on the dangers of software threats like malware, vulnerabilities, and suspicious behaviors. Security issues are clearly labeled and organized by risk category and indicate which findings are in direct violation of tailored security policies. SAFE reports provide sufficient details for vendors to pinpoint and address risks.
Security Leader, Canadian Municipal GovernmentBefore Spectra Assure was in place, it was hard to envision proper processes. Now they are standardized and driving down risk.
Previous processes were largely ad-hoc, thus, the only predictable outcome was that too much time would be consumed to yield an inconsistent and untrustworthy report on COTS risk. With software supply chain security as a growing priority for the local government, as highlighted by Verizon’s DBIR, Spectra Assure provides the Security Operations team with the capability to build a consistent process that allows better risk-reduction while demonstrably conforming to audited controls.
Security Leader, Canadian Municipal GovernmentFrom a time-saving perspective, it went from multi-days to do one analysis down to 15 minutes – and it allows us to make much more educated decisions.



RL's new Spectra Assure SAFE report sharpens the insights for supply chain risk assessments and adds powerful controls for the software you build or buy. Here’s how it works — and why it matters.

The latest Data Breach Investigations Report puts the focus squarely on third-party risk. Here’s what you need to know.