Customer Story

Crogl: Delivering Secure AI Solutions for the SOC with Spectra Assure

Crogl delivers a fully autonomous AI solution for security operations centers (SOC). The goal is to revolutionize how security teams investigate threats, solve problems with multiple data sources, and triage alerts without the constraints of pre-defined playbooks. With customers ranging from Fortune 500 companies and government agencies to technology start-ups, the need for solution privacy and security is paramount. To maintain privacy, Crogl’s solution operates in customers’ on-premise and private cloud environments, which also creates a varied set of software security and safety requirements.

Crogl is a compound AI system that leverages multiple AI models, tools, and custom components to enhance versatility and re-usability, compared with using a single model.

Spectra Assure™ delivers the visibility Crogl requires. “We want to build a product that customers can have confidence in, and they know when they deploy it, that it's safe and it's secure,” said Merza. “We looked around at other products, but we really needed something that can cut across the gamut of requirements that we have. We use Spectra Assure so we can get that full picture.”

Manage Risk Across Large Releases

One challenge Crogl faced was assessing the risks associated with different components in a complex software package. “For us, security is not an afterthought. It is part of how we develop, how we code on a minute-to-minute, hour-to-hour basis, and also how we do product release,” said Monzy Merza, co-founder and CEO of Crogl.

Crogl uses Spectra Assure to detect risks invisible to traditional security tools, including malware, tampering, exposed secrets, and suspicious behaviors. Spectra Assure quickly deconstructs software to deliver a comprehensive software bill of materials (SBOM), including proprietary, third-party and open-source libraries, and artifacts added during compilation.
 
“We believe that technology that is used by the security teams should be better, it should be robust, it should be safe, it should be secure,” said Merza. “The reason why we use Spectra Assure — it's in the name. We want to be sure that what we're releasing to our customers is safe.”
 
By mapping specific components and artifacts to detect threats and risks, Spectra Assure simplifies prioritization and provides details to enable remediation. It also detects unsafe functions, suspicious files, and malicious behaviors in AI/ML models and scripts. 

We use a number of different products for product security, but Spectra Assure is the only one that will actually stop a release if something doesn't pass.

Monzy Merza, Co-Founder and CEO, Crogl

The Final Build Exam

Crogl integrated Spectra Assure with its build and release processes to ensure every release is analyzed and security requirements are met before release. The Spectra Assure SAFE Report identifies malware, tampering, new threats, suspicious behaviors, or indicators of novel software supply chain attacks. After updates are made, the new build is assessed to ensure that remediation efforts have actually resolved issues before the product is released. 

Spectra Assure is integrated directly into Crogl’s CI/CD build pipeline, assessing software builds before release. While Crogl operates in both customer on‑premises and private cloud environments, the architectural design could be deployed on AWS for scalability and resilience. In such a configuration, AWS compute (e.g., EC2 or container services) would host the Spectra Assure scanning engine, with S3 for artifact storage and Amazon RDS or DynamoDB for SBOM and SAFE report data. Integration points include build servers (e.g., Jenkins, GitHub Actions) that feed binaries into S3 and trigger scans via AWS Lambda or Step Functions.

Spectra Assure is powered by the world’s largest threat repository, with 40+ billion searchable malware and goodware files and up-to-date intelligence to stay ahead of emerging threats and increasingly advanced malware attacks.

“We know that when we're using Spectra Assure, we're not just running a vulnerability check underneath that vulnerability check. There is a lot of understanding of malware analysis, supply chain problems, and the relatedness of one library to another. We're getting the benefit of that,” said Merza.

Schedule a DemoContact Sales

Crogl
  • Crogl
  • Albuquerque, NM
  • 7
  • Cybersecurity
FacebookFacebookXX / TwitterLinkedInLinkedInblueskyBlueskyEmail Us
Download Story

When you're building for the SOC, you have to be secure. This is why we use Spectra Assure within our build pipelines to produce a high quality, safe, and secure product.

Monzy Merza, Co-Founder and CEO, Crogl

Challenges

  • Assure SOC customers’ software is safe
  • Assess complex AI software releases
  • Stay ahead of emerging threats

Solution

  • ReversingLabs Spectra Assure assesses software builds before release, providing a comprehensive SBOM, risk assessment, and remediation feedback

Results

  • Reduced risk by automating malware and tampering detection before release
  • Increased security assurance for customers with SAFE reports
  • Increased visibility with rapid analysis of large, complex software
  • Improved remediation efficiency and efficiency with detailed, actionable feedback

All RL Solutions

  • Spectra Assure

Want to Learn More?

Schedule a DemoContact Sales

Expert Insights

Spectra Assure Free Trial

Get your 14-day free trial of Spectra Assure for Software Supply Chain Security

Get Free TrialMore about Spectra Assure Free Trial
Blog
Events
About Us
Webinars
In the News
Careers
Demo Videos
Cybersecurity Glossary
Contact Us
reversinglabsReversingLabs: Home
Privacy PolicyCookiesImpressum
All rights reserved ReversingLabs © 2026
XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBlueskyRSSRSS
Back to Top
The inaugural Gartner® Magic Quadrant™ for Software Supply Chain Security is outGET THE REPORT
Skip to main content
Contact UsSupportBlogCommunity
reversinglabs
ReversingLabs: Home
Solutions
Secure Software OnboardingSecure Build & ReleaseProtect Virtual MachinesIntegrate Safe Open SourceGo Beyond the SBOM
Increase Email Threat ResilienceDetect Malware in File Shares & StorageAdvanced Malware Analysis SuiteICAP Enabled Solutions
Scalable File AnalysisHigh-Fidelity Threat IntelligenceCurated Ransomware FeedAutomate Malware Analysis Workflows
Products & Technology
Spectra Assure®Software Supply Chain SecuritySpectra DetectHigh-Speed, High-Volume, Large File AnalysisSpectra AnalyzeIn-Depth Malware Analysis & Hunting for the SOCSpectra IntelligenceAuthoritative Reputation Data & Intelligence
Spectra CoreIntegrations
Industry
Energy & UtilitiesFinanceHealthcareHigh TechPublic Sector
Partners
Become a PartnerValue-Added PartnersTechnology PartnersMarketplacesOEM Partners
Alliances
Resources
BlogContent LibraryCybersecurity GlossaryConversingLabs PodcastEvents & WebinarsLearning with ReversingLabsWeekly Insights Newsletter
Customer StoriesDemo VideosDocumentationOpenSource YARA Rules
Company
About UsLeadershipCareersSeries B Investment
EventsBlack Hat 2026
Press ReleasesIn the News
Pricing
Software Supply Chain SecurityMalware Analysis and Threat Hunting
Request a demo
Menu
Spectra Assure: The Complete Solution for Software Supply Chain Security

Spectra Assure: The Complete Solution for Software Supply Chain Security

Learn More about Spectra Assure: The Complete Solution for Software Supply Chain Security
Spectra Assure: The Complete Solution for Software Supply Chain Security
The 5 Misconceptions of Software Supply Chain Security

The 5 Misconceptions of Software Supply Chain Security

Learn More about The 5 Misconceptions of Software Supply Chain Security
The 5 Misconceptions of Software Supply Chain Security
closing the software supply chain security gap black cubes

Closing the Software Supply Chain Security Gap

Learn about complex binary analysis and how it tackles supply chain threats like malware, tampering, exposed secrets and more — all without source code.

Learn More about Closing the Software Supply Chain Security Gap
Closing the Software Supply Chain Security Gap