Login   |   1.866.392.4897 |   sales@timesys.com        English Japanese German French Korean Chinese (Simplified) Chinese (Traditional)
Best practices for triaging Common Vulnerabilities & Exposures (CVEs) in embedded systems: Top Three Questions Answered

Best practices for triaging Common Vulnerabilities & Exposures (CVEs) in embedded systems: Top Three Questions Answered

 

 

Keeping embedded system products secure requires ongoing, constant monitoring and management of Common Vulnerabilities and Exposures (CVEs) throughout the production lifecycle.

With the constant flood of CVEs reported each week, you need to have a process for understanding the exposure of your embedded system devices to cybersecurity exploits. It is important to see how CVEs apply to your product so you can quickly address the vulnerabilities that pose the greatest risk.

Continue reading “Best practices for triaging Common Vulnerabilities & Exposures (CVEs) in embedded systems: Top Three Questions Answered” »

Vulnerability management and triaging

Vulnerability management and triaging

 

 

With 300+ vulnerabilities being reported weekly in the US National Vulnerability Database (NVD), it is more challenging than ever to maintain the security of open source and third-party software used in embedded system products. One common approach to tackle the problem is to adopt a risk-based vulnerability management strategy in which vulnerabilities that pose the highest risk to your organization are remediated first. This blog outlines how to establish such an process as part of your software development lifecycle while keeping the maintenance cost and risk of exposure low.

Continue reading “Vulnerability management and triaging” »

Webinar with NXP: CVE triage best practices for efficient vulnerability mitigation

Webinar with NXP: CVE triage best practices for efficient vulnerability mitigation

 

 

Securing your embedded system devices is no longer just a final step in product development.

Security today must be a continuous process, a focus at every stage of your software development, release and maintenance cycles.

That’s because today’s vulnerability environment is radically different from the past. Hundreds of vulnerabilities that may or may not affect your products come to light every week.

Continue reading “Webinar with NXP: CVE triage best practices for efficient vulnerability mitigation” »

Vigiles Quick Start … because securing your products doesn’t have to be hard

Vigiles Quick Start … because securing your products doesn’t have to be hard

 

 

There is an old saying among cybersecurity vulnerability management practitioners:

The “good guys” have to get it right every time.

The “bad guys” have to get it right only once.

That means that the “good guys” — the security professionals whose mission is to keep corporate data safe — need to monitor, analyze and respond to every vulnerability that puts their systems, users and data at risk.

Continue reading “Vigiles Quick Start … because securing your products doesn’t have to be hard” »

BSP Lifecycle Maintenance: Top Three Questions Answered

BSP Lifecycle Maintenance: Top Three Questions Answered

 

 

Security is critical throughout the lifetime of an embedded system. Continually changing threat environments, new deployment modes and third-party software updates mean that the BSP software for an embedded system device can no longer remain static and “frozen.”

Continue reading “BSP Lifecycle Maintenance: Top Three Questions Answered” »

Vigiles Enhancements: Software Composition Analysis (SCA) & CVE Mitigation for Stronger Embedded System Security

Vigiles Enhancements: Software Composition Analysis (SCA) & CVE Mitigation for Stronger Embedded System Security

 

 

A giant list of vulnerabilities does little to help you bring more secure products to market.

What matters is how you filter the list, triage the vulnerabilities, and mitigate the ones that pose the greatest risk.

That’s why the new enhancements to our Timesys Vigiles Security Monitoring & Management Service will enable you to develop more secure embedded system products today and maintain stronger product security throughout their lifecycles.

Continue reading “Vigiles Enhancements: Software Composition Analysis (SCA) & CVE Mitigation for Stronger Embedded System Security” »

Stop Chasing Vulnerability Ghosts: Why efficient vulnerability detection is essential to medical device security

Stop Chasing Vulnerability Ghosts: Why efficient vulnerability detection is essential to medical device security

 

 

To detect and correct vulnerabilities, eliminate false positives and prioritize the rest

Every embedded system device maker should want to make security a selling point, preventing breaches or exploits, not an embarrassment if a security problem occurs.

But nothing equals the liability and regulatory risk associated with medical devices.

Continue reading “Stop Chasing Vulnerability Ghosts: Why efficient vulnerability detection is essential to medical device security” »

Medical Devices:  Automated Vulnerability Monitoring for Streamlined FDA Security Compliance

Medical Devices: Automated Vulnerability Monitoring for Streamlined FDA Security Compliance

 

 

Reducing cybersecurity risks to medical devices is essential. Regulators like the US Food and Drug Administration (FDA) have made improving medical device security a critical focus in recent years.

This means many in the medical device manufacturing community are now rethinking how the software components of their products are secured throughout their product lifecycles.

Continue reading “Medical Devices: Automated Vulnerability Monitoring for Streamlined FDA Security Compliance” »

NXP Solves Vulnerability Detection Challenge for Developers with New Automated Tool

NXP Solves Vulnerability Detection Challenge for Developers with New Automated Tool

 

 

This is a summary of a blog post published in full on NXP.com.

Connecting and being connected makes us vulnerable to hackers. With the number of IoT devices forecasted to reach 20.4 billion by 2020, the need for product security becomes even more pressing.

Continue reading “NXP Solves Vulnerability Detection Challenge for Developers with New Automated Tool” »

Full lifecycle security now available for Advantech’s new product line based on NXP i.MX 8 series processors

Full lifecycle security now available for Advantech’s new product line based on NXP i.MX 8 series processors

 

 

Designing secure products is important. But the ever-changing threat landscape means that a product may become vulnerable at any time after release.

That’s why we are excited to announce a new offering for stronger security across the full embedded system product lifecycle with our partner, Advantech.

Now, product developers using Advantech platforms incorporating NXP i.MX applications processors will have special access to the Timesys Vigiles service to continuously monitor and fix vulnerabilities in open source software components in their products.

Continue reading “Full lifecycle security now available for Advantech’s new product line based on NXP i.MX 8 series processors” »

Click to Hide Advanced Floating Content

Timesys Vigiles™
Vulnerability Management

 

 

Click to Hide Advanced Floating Content

Reduce Embedded System
Cybersecurity Risk