Every week, more than 300 new vulnerabilities affecting software systems are disclosed by security reporting services such as the Common Vulnerabilities & Exposures (CVE) database operated by the US National Institute of Standards and Technology (NIST).
If you develop embedded systems or embedded devices, keeping pace with the constant flood of new vulnerabilities, knowing which directly affect your products, and having the ability to quickly analyze them, is essential in keeping your products secure throughout their lifecycle.
Continue reading “Open Source CVE Monitoring and Management: Learn the Latest at Embedded Linux Conference 2019” »
Too often, it seems the first notification of a software vulnerability comes from an affected customer or the publicity surrounding a high-profile data breach. Then follows the mad scramble to mitigate the vulnerability, notify customers, update products in the field and so on.
This reactive approach to vulnerability management for your embedded system products simply doesn’t fly in today’s heightened vulnerability environment.
Continue reading “Vulnerability Management: Making proactive security maintenance a part of your product support processes” »