This page collects ARIANNA content for teams responsible for vulnerability management, SBOM governance, remediation workflows, and regulatory readiness.
Use it to find published articles now, and to follow the editorial tracks we are building for engineering, security, quality, and compliance stakeholders.
Focused material for people managing real product-security work in connected and regulated environments.
SBOM is essential, but effective vulnerability management also requires hardware context, lifecycle tracking, and exploitability awareness.
Read the blogHow to integrate ARIANNA SCA scripts and APIs into CI/CD pipelines to keep security continuous and release friction low.
Read the blogCommon pitfalls teams make when handling vulnerability triage and how to avoid delays, false positives, and poor prioritization.
Read the blogSecurity Pattern announces ARIANNA as an independent company and appoints Jan Jager as CEO and Massimo Ratti as CTO ahead of the March 24, 2026 launch in Brussels.
Read the newsA concise update on CRA 2026 milestones, reporting deadlines, and practical preparation steps for product security teams.
Read the newsStart quickly with a sample project or create your own device model and SBOM, then continue from trial without starting over.
Read the newsAt our booth, we will demonstrate ARIANNA with a focus on how vulnerability management workflows support CRA implementation and ongoing compliance operations.
Read the newsConference highlights from Nuremberg, including key trends in SBOM operations, vulnerability prioritization, and compliance execution for embedded teams.
Read the newsA recurring summary of product-security developments relevant to connected, embedded, and safety-critical products.
Read the newsletterCoverage of standards activity, certification changes, and milestone dates across major product-security regulations and frameworks.
Read the newsletterSelected ARIANNA announcements, roadmap developments, and partner updates that matter to customers evaluating operational fit.
Read the newsletterHow ARIANNA combines HBOM and SBOM with Processing Units and groups to make vulnerability monitoring operational over time.
Read the articleA practical approach to prioritizing vulnerabilities with CVSS, KEV, EPSS, exploit maturity, and attack vector relevance.
Read the articleA practical framework for turning SBOM generation into ownership, prioritization, and audit-ready execution.
Read the articleHow development, QC, and security teams can align scanning, triage, and penetration testing into one accountable workflow.
Read the articleGuidance for building repeatable triage, remediation, ownership, and reporting models around complex products and supply chains.
Read the articleFull platform manual with a left-side index, structured sections, and reference links for workflows, roles, and reporting.
Read the manualAccess ARIANNA support resources, troubleshooting guidance, and contact channels for technical assistance.
Open support pageIt is the workspace where teams manage one product or system over time, including Device Models, vulnerability triage, remediation tracking, and reporting.
Yes. ARIANNA combines hardware and software inventories in one model so vulnerabilities can be evaluated with full device context.
ARIANNA performs daily monitoring and report generation by correlating components with continuously updated vulnerability intelligence.
No. ARIANNA SCA tools run in development/build environments and upload component data to the platform without intrusive on-device agents.
Yes. APIs support automated Device Model updates, report generation, and filtering of high-priority vulnerabilities in pipeline workflows.
ARIANNA exports machine-readable formats such as CycloneDX, SPDX, and VEX, plus human-readable PDF reports for audit and stakeholder review.