Who is Nova Leah?

Nova Leah offers the first automated expert cybersecurity risk management solution for the medical device industry.

Our founder and CEO Anita Finnegan is an acknowledged expert medical device cybersecurity risk management, collaborating with the FDA, International Regulatory and Standards working groups and author of the IEC 80001-2-8 Security Control Standard.

How do we help Medical Device manufacturers and Health Delivery Organizations?

We help Medical Device Manufacturers mitigate risk and improve patient safety by streamlining testing and maintenance processes leading to a quicker time to market and reduced pre- and post-market costs. Our solution provides the necessary vulnerability monitoring and compliance information sharing capabilities needed to meet regulatory audit requirements.

We also help Health Delivery Organizations document the software bill of materials across their inventory of installed devices and monitor the exposure of those devices to new vulnerabilities. This proactive monitoring, independent of device manufacturers helps to reduce the overall cybersecurity risk and helps prioritize mitigation efforts.

The SelectEvidence® Solution

SelectEvidence is our intelligent cybersecurity risk management platform, which automatically provides continuous risk assessment and vulnerability monitoring combined with ongoing repository updates to identify threats for both new and legacy devices.

SelectEvidence provides device manufacturers with functional test plans, automated compliance reporting, and full verification traceability in a user-friendly system.

Industry and Regulatory Drivers

Given the increasing cybersecurity risk driven by the explosion of IoMT and constant identification of new vulnerabilities, the FDA mandates manufacturers provide evidence their devices are secure to obtain approval. FDA also mandates, continuous vulnerability monitoring of in-use and legacy devices with the power to ban the shipment and continued use of devices that don’t meet their cybersecurity requirements.

Manufacturers need a cradle to grave solution to manage cybersecurity risk management processes from requirements specification right through to product launch and eventual retirement.

Contact Us

For more information about us go to or reach us at 1-617-314-7010