QNAP Newsroom

Taipei, Taiwan, March 11, 2025– As cybersecurity threats escalate, managing risks in the software supply chain has become a key component for businesses to ensure information security. QNAP® Systems, Inc. is proactively strengthening its software supply chain security by maintaining a Software Bill of Materials (SBOM), enhancing risk management efficiency, and ensuring the security and transparency of its NAS software environment.

QNAP’s Cybersecurity Measures:

• SBOM Support and Software Transparency: By maintaining a comprehensive SBOM, QNAP tracks component versions and sources to ensure timely security updates. It adopts industry-standard formats (such as CycloneDX, SPDX) to enhance the license review process and ensuring compliance in sensitive industries, and performs Software Composition Analysis (SCA) to detect vulnerabilities in open-source components.
• Continuous Security Updates: Regular updates are released, and vulnerabilities are detected through automated tools, enhancing product and data security.
• Third-Party Security Reviews and Compliance Certifications: QNAP integrates the MITRE CVE and CISA KEV databases for rapid vulnerability response and follows international cybersecurity standards for reviews and testing.
• Internal Development with Multi-Layered Protection: QNAP adopts multi-layered protection measures, including physical security and intrusion detection systems, to safeguard the development process and user data.

QNAP continues its commitment to providing secure and reliable NAS solutions, strengthening software supply chain management to help businesses enhance cybersecurity resilience and ensure long-term stable operations. Click here to learn more about QNAP's software supply chain risk management.