This blog post is published in full as a guest post on Embedded Computing Design.
In mid-November, the total count of vulnerabilities reported in 2018 surpassed the total for 2017, setting a new record for vulnerabilities with six weeks left in the calendar year.
At this pace, we are on track to see the count of Common Vulnerabilities & Exposures (CVEs), the authoritative index of confirmed IT system vulnerabilities, reach 16,000 or more vulnerabilities for this year, according to tracking site CVE Details.
If you develop embedded systems or devices incorporating them, how do you keep pace with analyzing 300 new CVEs being reported every week?
How do you narrow the focus on those that really matter for the systems and subcomponents in your products?
How do you assess the severity and risk of a CVE with respect to your end customer’s security requirements and regulatory compliance needs?