Designing secure products is important. But the ever-changing threat landscape means that a product may become vulnerable at any time after release.
That’s why we are excited to announce a new offering for stronger security across the full embedded system product lifecycle with our partner, Advantech.
Now, product developers using Advantech platforms incorporating NXP i.MX applications processors will have special access to the Timesys Vigiles service to continuously monitor and fix vulnerabilities in open source software components in their products.
Advantech has announced two new modules with support for NXP’s i.MX 8 series processors, and our new security offering expands the Vigiles service to encompass the extensive i.MX applications processor family.
Customers engaging in projects with Advantech i.MX-based modules will receive three free months of Vigiles Prime, the top tier of the Vigiles security monitoring service.
CVE Scanning & Tracking Made Easy
Every week hundreds of new vulnerabilities are announced in the Common Vulnerabilities and Exposures (CVE) list published by the US National Institute of Standards and Technology (NIST).
The effort to manually monitor, analyze and address all those vulnerabilities in a CVE database becomes immensely time consuming.
We introduced our new security service, Vigiles, to address this problem with an automated CVE scanner and CVE notifier, along with powerful mitigation analysis tools. As a result, product developers will be notified of vulnerabilities affecting their products and can quickly investigate them to mitigate any threats.
The Vigiles vulnerability report dashboard and collaboration tools enable you to track issues, investigate vulnerabilities, triage them to prioritize fixes, and cut the risk of breaches or security issues.
Vigiles includes powerful product-level security tracking views as well, enabling managers to understand the vulnerability profile of a product track and overall progress toward stronger security.
Patch Management Boost
Vigiles Prime, which Advantech customers can access, also automatically provides suggested fixes, including patch notification and component update information that simplifies and accelerates patch management.
As a result, Vigiles service streamlines security maintenance for embedded systems using open source components using Linux with the Yocto Project. In fact, Vigiles can cut security maintenance time and cost by an estimated 90 percent or more based on our experience with helping developers to secure their products throughout the product lifecycle.
Our customers use Vigiles and its security automation features to create high-efficiency vulnerability management workflows for vulnerability detection, investigation and mitigation. In this way product developers can improve embedded system security while cutting the costs and time spent on security maintenance.
Advantech, NXP, Timesys Focus on Security
We also recently announced a collaboration with NXP to make Vigiles available to product developers using NXP processors.
These partnerships show that security is front and center in today’s product development best practices.
That’s why Timesys offers a complete development solution that enables device developers to accelerate time-to-market for open source-based products that are “Secure by Design.”
In addition to Vigiles for maintaining product security over time, we also offer the Timesys BSP Lifecycle Maintenance service that handles security updates, patching, and other key tasks throughout the product lifecycle.
Learn more about Vigiles at https://www.timesys.com/security/vigiles-vulnerability-management-patch-monitoring/.
Timesys has extensive experience with embedded system development and lifecycle management. Timesys has been instrumental in working with global leader semiconductor manufacturers with smart, quick and quality solutions for highly complex systems with accelerated product innovation and multiple product variants.