Login   |   1.866.392.4897 |   sales@timesys.com        English Japanese German French Korean Chinese (Simplified) Chinese (Traditional)
Best practices for triaging Common Vulnerabilities & Exposures (CVEs) in embedded systems: Top Three Questions Answered

Best practices for triaging Common Vulnerabilities & Exposures (CVEs) in embedded systems: Top Three Questions Answered

 

 

Keeping embedded system products secure requires ongoing, constant monitoring and management of Common Vulnerabilities and Exposures (CVEs) throughout the production lifecycle.

With the constant flood of CVEs reported each week, you need to have a process for understanding the exposure of your embedded system devices to cybersecurity exploits. It is important to see how CVEs apply to your product so you can quickly address the vulnerabilities that pose the greatest risk.

Continue reading “Best practices for triaging Common Vulnerabilities & Exposures (CVEs) in embedded systems: Top Three Questions Answered” »

Vulnerability management and triaging

Vulnerability management and triaging

 

 

With 300+ vulnerabilities being reported weekly in the US National Vulnerability Database (NVD), it is more challenging than ever to maintain the security of open source and third-party software used in embedded system products. One common approach to tackle the problem is to adopt a risk-based vulnerability management strategy in which vulnerabilities that pose the highest risk to your organization are remediated first. This blog outlines how to establish such an process as part of your software development lifecycle while keeping the maintenance cost and risk of exposure low.

Continue reading “Vulnerability management and triaging” »

Webinar with NXP: CVE triage best practices for efficient vulnerability mitigation

Webinar with NXP: CVE triage best practices for efficient vulnerability mitigation

 

 

Securing your embedded system devices is no longer just a final step in product development.

Security today must be a continuous process, a focus at every stage of your software development, release and maintenance cycles.

That’s because today’s vulnerability environment is radically different from the past. Hundreds of vulnerabilities that may or may not affect your products come to light every week.

Continue reading “Webinar with NXP: CVE triage best practices for efficient vulnerability mitigation” »

Vigiles Quick Start … because securing your products doesn’t have to be hard

Vigiles Quick Start … because securing your products doesn’t have to be hard

 

 

There is an old saying among cybersecurity vulnerability management practitioners:

The “good guys” have to get it right every time.

The “bad guys” have to get it right only once.

That means that the “good guys” — the security professionals whose mission is to keep corporate data safe — need to monitor, analyze and respond to every vulnerability that puts their systems, users and data at risk.

Continue reading “Vigiles Quick Start … because securing your products doesn’t have to be hard” »

Assessing CVE exposure and mitigation effort to reduce embedded system product cybersecurity risk

Assessing CVE exposure and mitigation effort to reduce embedded system product cybersecurity risk

 

 

Embedded system security has never been more important. Rising cyberattacks against embedded systems are increasingly putting devices and customers at risk of compromise.

Continue reading “Assessing CVE exposure and mitigation effort to reduce embedded system product cybersecurity risk” »

BSP Lifecycle Maintenance: Top Three Questions Answered

BSP Lifecycle Maintenance: Top Three Questions Answered

 

 

Security is critical throughout the lifetime of an embedded system. Continually changing threat environments, new deployment modes and third-party software updates mean that the BSP software for an embedded system device can no longer remain static and “frozen.”

Continue reading “BSP Lifecycle Maintenance: Top Three Questions Answered” »

Vigiles Enhancements: Software Composition Analysis (SCA) & CVE Mitigation for Stronger Embedded System Security

Vigiles Enhancements: Software Composition Analysis (SCA) & CVE Mitigation for Stronger Embedded System Security

 

 

A giant list of vulnerabilities does little to help you bring more secure products to market.

What matters is how you filter the list, triage the vulnerabilities, and mitigate the ones that pose the greatest risk.

That’s why the new enhancements to our Timesys Vigiles Security Monitoring & Management Service will enable you to develop more secure embedded system products today and maintain stronger product security throughout their lifecycles.

Continue reading “Vigiles Enhancements: Software Composition Analysis (SCA) & CVE Mitigation for Stronger Embedded System Security” »

Stop Chasing Vulnerability Ghosts: Why efficient vulnerability detection is essential to medical device security

Stop Chasing Vulnerability Ghosts: Why efficient vulnerability detection is essential to medical device security

 

 

To detect and correct vulnerabilities, eliminate false positives and prioritize the rest

Every embedded system device maker should want to make security a selling point, preventing breaches or exploits, not an embarrassment if a security problem occurs.

But nothing equals the liability and regulatory risk associated with medical devices.

Continue reading “Stop Chasing Vulnerability Ghosts: Why efficient vulnerability detection is essential to medical device security” »

Medical Devices:  Automated Vulnerability Monitoring for Streamlined FDA Security Compliance

Medical Devices: Automated Vulnerability Monitoring for Streamlined FDA Security Compliance

 

 

Reducing cybersecurity risks to medical devices is essential. Regulators like the US Food and Drug Administration (FDA) have made improving medical device security a critical focus in recent years.

This means many in the medical device manufacturing community are now rethinking how the software components of their products are secured throughout their product lifecycles.

Continue reading “Medical Devices: Automated Vulnerability Monitoring for Streamlined FDA Security Compliance” »

Don’t Sweat the Threats: Join the NXP webinar on vulnerability monitoring

Don’t Sweat the Threats: Join the NXP webinar on vulnerability monitoring

 

 

Security must be a top priority for devices that support critical processes.

Industrial control systems, medical devices, automotive systems and many other embedded systems must be secure. These devices need to be protected from exploits that can compromise system integrity, performance, system availability and the confidentiality of sensitive data.

Continue reading “Don’t Sweat the Threats: Join the NXP webinar on vulnerability monitoring” »

Click to Hide Advanced Floating Content

Timesys Vigiles™
Vulnerability Management

 

 

Click to Hide Advanced Floating Content

Reduce Embedded System
Cybersecurity Risk