Timesys Vigiles Vulnerability Monitoring and Remediation

Software Bill of Materials (SBOM) Management, Vulnerability Monitoring and Remediation

Vigiles

Best-in-class vulnerability monitoring and remediation tool that combines a curated CVE database, continuous security feed based on your Software Bill of Materials (SBOM), powerful filtering, and easy triage tools so you don’t get blindsided by vulnerabilities.


You need a continuous security feed against all of your SBOMs so you don’t get blindsided by vulnerabilities.

Vulnerabilities leave devices open to devastating cybersecurity attacks, making headlines across the globe time and time again. With 350+ new vulnerabilities per week and numbers increasing drastically for the past 5 years, you need a tool to manage the onslaught of new vulnerabilities, cut through the noise, and identify the most pressing threats so you can take action.

Looking for a tool that can alert you to important, relevant vulnerabilities in your product SBOM?

Tired of chasing false positives and hunting for vulnerability fixes?

Trying to streamline your vulnerability management with a tool that adapts to your SDLC process?

Take advantage of our purpose-built vulnerability management tool, Vigiles.

For more than 20 years, Timesys has been the industry’s trusted partner for secure embedded software design and development. We provide device makers and system developers with tools and services to accelerate time to market of more secure products.

How It Works

Easy Access To The Compliance Information You Need

Speed Up Compliance, Regulatory Workflows, and Reduce Your Risk

Vigiles helps you keep up with the expanding requirements in regulated industries that require documented cybersecurity efforts and component transparency, such as White House EO 14028, FDA Cybersecurity, and the EU Cyber Resilience Act (CRA).

  • Track compliance status and identify areas for improvement in your SBOMs.
  • Reduce remediation efforts by focusing on real threats with VEX-enabled tracking.
  • Meet documentation requirements and maintain an audit trail for cybersecurity and component transparency, including NTIA minimum SBOM compliance.
  • Export VEX reports to enhance compliance tracking with detailed exploitability context.

Organize Your Product SBOMs

SBOM Management Dashboard

Vigiles keeps your product’s software vendor SBOMs and your own custom application SBOMs organized with our SBOM dashboard.

  • Easier tracking of multiple SBOMs so you can keep them up to date and organized.
  • Compatible with multiple upload methods and formats, so you can use the right CI/CD pipeline integration for each SBOM.
  • Know the status of your product SBOMs at a glance with summary information, with details available when you need them.
  • Manage both standard SBOMs and SBOMs with embedded VEX data to streamline exploitability tracking alongside traditional vulnerability assessments.

Use Accurate Device Information

SBOM Generation and CI/CD Integration

Vigiles supports all major Linux build system integrations including Yocto, Buildroot, PetaLinux, Wind River Linux, PTXdist, OpenWrt, Timesys Factory, containers, RTOSes, and other operating systems and ecosystems such as Python for more accurate SBOM generation.

  • Track and manage SBOMs across products and releases, supporting formats like CycloneDX, SPDX, and SPDX Lite.
  • Integrate SBOM generation into your CI/CD pipeline using Vigiles CLI and Timesys tools for seamless build system integration.
  • Reduce noise by accurately mapping kernel and U-Boot configurations to CVEs, package versions, and applied patches.
  • Get immediate CVE summaries with automated SBOM scans against a curated vulnerabilities database.
  • Manage supply chain risks with detailed, actionable SBOM insights.

Start with a Better List of CVEs

Timesys Curated Database

Vigiles provides up to 40% accuracy improvement over the National Vulnerability Database (NVD) with Timesys’ curated CVE/CPE database.

  • More accurate data: the Timesys Vigiles team manually analyzes incorrect CVEs and updates them in our system
  • Optimized for embedded: intelligent curation algorithms for the Linux kernel and U-Boot run daily
  • Get alerts earlier: we minimize reporting delays by up to four weeks by pulling data from multiple feeds

See Only Applicable CVEs

Your Build + Our Database = Accurate Results

Vigiles only pulls the data for the CVEs that correspond to your SBOM, giving you a curated list to review.

  • Drastically reduce your analysis workload, with 85% fewer CVEs to review.
  • Improve accuracy with 95% fewer false positives, letting you focus on real, actionable vulnerabilities.

Filter the Shortlist Quickly

Identify Top Vulnerabilities Based on Your Risk Analysis

Powerful filters allow you to quickly identify the CVEs that you want to fix.

  • Filter CVEs by: package affected, patch or fix availability, CVE severity, custom scoring, affected platforms, notes/comments, and kernel and U-Boot configuration options
  • Identify CVEs you want to ignore by actively whitelisting
  • Leverage VEX filtering to focus on exploitable CVEs, reducing time spent on low-priority vulnerabilities.

Keep Your Remediation Team in Sync

Document Your Decisions and Coordinate Responses

Streamline vulnerability management and mitigation with easy-to-use collaboration tools.

  • Share SBOMs with other team members so they can add notes to CVEs, whitelist them, and more
  • Connect Vigiles with Jira for seamless issue tracking
  • VEX-enabled reports make it easier to prioritize remediation by focusing on vulnerabilities that are confirmed to be exploitable, ensuring that team efforts are aligned with actual risk.

Stop Searching and Start Patching

See the Remediation Options with One Click

For every CVE found in your scanned SBOM, Vigiles will let you know if there is a fix and give you the patch, minimum version, and/or config option information needed to remediate the vulnerability.

  • Easily identify remediation options with resources included in your report
  • Make quick fixes with links to available patches, workarounds for remediation when a patch is not available, and links for recreating the CVE exploit for testing

Enjoy Easier Regulatory Compliance

Use Shareable Reports and Diff-Like Comparison Tools

Comparing reports and viewing report history enables you to more efficiently manage cybersecurity vulnerabilities affecting your product throughout its product lifecycle and comply with government and regulatory security standards.

  • Track changes between releases and generate automated summary reports for release notes.
  • Compare SBOMs side-by-side, with searchable SBOM and CVE sections for quick insights.
  • Export SBOMs in official formats like SPDX, SPDX Lite, and VEX BOM, focusing documentation on relevant threats and regulatory needs.

Keep Your Product Secure with Continuous Monitoring

Set up Your Security Feed and Alerts with Emailed Reports

Vigiles securely maintains current SBOMs of your products and continuously rescans and tracks vulnerabilities for all versions even after your product is released and in production.

  • Stay on top of new vulnerabilities with periodic rescans and reports
  • Keep your device secure in the field, for full product lifecycle

Multiple Reasons to Replace or Augment Your Existing Tools

SCA Optimized for Embedded

Build system integration, kernel/U-Boot filters, and platform filters for 85% fewer CVEs to analyze

Superior Curated Data Accuracy

95% fewer false positives plus more coverage and earlier reporting

Fits into Software Development Life Cycle Workflow

CI/CD, Jira integration, APIs, team collaboration

Streamline Compliance

SBOM generation, license and vulnerability policy, and documentation

Efficient Triaging and Remediation

Email alerts, intelligent filtering, links to fixes

ROI in as Little as 3 Months

with time saved

What Are The Options?

Vigiles is offered in two versions: Prime and Enterprise. Vigiles Prime and Enterprise include advanced CVE monitoring with alerts and reports, and time-saving triage and remediation features.

Prime

All the features of the SBOM Manager version plus CVE monitoring for SBOMs, collaboration tools for CVE triage and mitigation, advanced filtering, detailed notifications, advanced reporting tools, patch notification and management features, links to related Linux kernel patches, OSS fixed version notifications, and more.

Enterprise

All the features of the SBOM Manager and Prime versions, with additional support for a wider range of ecosystems, including various programming languages and operating systems. Plus, Vigiles Enterprise offers flexible deployment options, including hosted servers managed by Timesys and cloud-based solutions, allowing you to maintain full control over your security operations without compromising scalability or connectivity.

Vigiles Enterprise includes support for the CycloneDX Vulnerability Exploitability eXchange (VEX) format, helping organizations prioritize vulnerability remediation efforts based on confirmed exploitability.

WANT TO SEE IT IN ACTION AND ASK QUESTIONS?

Schedule a Demo for Your Use Case

Detect, filter, triage, and remediate vulnerabilities with the industry’s first Software Composition Analysis and CVE monitoring tool targeted at embedded Linux.

When Your Organization Requires Enterprise-Grade Security Solutions

Wide scale adoption and coverage of multiple ecosystems requires a higher caliber of user and a higher tier of Vigiles. Enter Vigiles Enterprise. User control that meets the needs of large scale deployment and coverage of more vulnerabilities across different ecosystems. And you can deploy on your own server, whether it’s connected to the internet, in your corporate cloud, or even operating in an air-gapped environment.

Manage Information Access and Group Controls

Role Based Access for Security Control

Efficient vulnerability management means ensuring that the right people have the right level of access. With role-based access control in Vigiles, you can easily assign permissions to team members and guests based on their responsibilities, keeping critical security data secure while empowering your team to take action where it matters.

Detect Vulnerabilities Beyond CVEs

Extensive Ecosystem Support

Embedded systems today rely on a mix of technologies, from IoT to AI-driven applications. Vigiles ensures that your products remain secure by offering vulnerability assessments across a diverse range of software ecosystems. This support goes beyond tracking CVEs, giving you confidence that vulnerabilities are addressed across all the tools and frameworks your team uses.

Flexible Deployment Options

Choose the Best Deployment for Your Needs

Vigiles Enterprise offers flexible deployment options to fit your organization’s security and infrastructure requirements. You can choose to deploy on a hosted server managed by Timesys or opt for a cloud-based server for seamless scalability and ease of access. This flexibility ensures that you can integrate vulnerability management into your existing workflows without compromising control or performance.

READY TO GET STARTED WITH VIGILES ENTERPRISE?

Schedule A Call to Get A Demo

We’ll answer any questions that you have and show you what Enterprise is like,
and we can even set up a trial account for you to test on your own.

Comprehensive Ecosystem Support for Embedded Vulnerability Management

With the rapid adoption of languages and technologies to support machine learning (ML), Internet of Things (IoT), and artificial intelligence (AI) models in embedded systems, the range of ecosystems involved has grown significantly.

Vigiles helps you stay ahead by offering vulnerability assessments across a wide variety of ecosystems, ensuring your systems remain secure beyond just known CVEs.

Our expansive support encompasses the diverse software stacks driving today’s embedded innovations, from low-level firmware to high-level application frameworks.

 

Supported Languages

  • C
  • C++
  • Dart
  • Go
  • Erlang
  • Haskell
  • Java
  • JavaScript
  • Kotlin
  • Python
  • Rust
  • Ruby
  • .NET

Covered Ecosystems

  • Crates.io (Rust)
  • Go
  • Hex (Erlang)
  • Haskell
  • Kotlin
  • Maven (Java)
  • npm (Node.js)
  • NuGet (.NET)
  • OSS-Fuzz
  • Pub (Dart)
  • PyPI (Python)
  • RubyGems (Ruby)
  • Standard Distros (Debian GNU/Linux)

Embedded Operating Systems

  • Yocto
  • Buildroot
  • OpenWRT
  • Timesys Factory
  • FreeRTOS
  • Zephyr

Operating Systems

Containers

Vulnerability Data Sources

  • NVD (National Vulnerability Database), including CISA KEV (Known Exploited Vulnerabilities) info
  • OSV (Open Source Vulnerability), covering:
      • GitHub Advisory Database
      • PyPI Advisory Database
      • Go Vulnerability Database
      • Rust Advisory Database
      • Haskell Security Advisories
      • OSS-Fuzz
      • Debian Security Advisories
      • RConsortium Advisory Database
      • Ubuntu CVE Tracker

Flexible and Secure Deployment Options

Vigiles Enterprise offers versatile deployment options to suit your organization’s infrastructure needs. Whether you want a fully managed hosted server or prefer the scalability of a cloud-based solution, Vigiles provides the flexibility and security required to meet your IT and operational requirements.

Hosted by Timesys

Managed Hosting for Convenience

Choose our fully managed hosting option, where the Vigiles Enterprise application is deployed on servers maintained by Timesys. Enjoy automatic updates, robust security, and seamless integration without the need for internal server management.

Scalable and Secure

Cloud-Based Deployment

Leverage the flexibility and scalability of a cloud-based server for your vulnerability management. Vigiles Enterprise can be deployed on your preferred cloud platform, allowing for effortless scaling and secure management of your SBOMs and vulnerabilities in real time.

Still Have Questions? Check out the FAQ

Our FAQ covers everything from version features, to how Vigiles improves upon the National Vulnerability Database (NVD), to how Vigiles stacks up against other vulnerability scanners.

Need Vulnerability Monitoring and Remediation but Don’t Want to Do It Yourself? Check out our Linux OS/BSP Maintenance Service

Timesys’ Linux OS/BSP Maintenance is a subscription service that provides long-term security upgrades and maintenance of your Linux OS/BSPs alongside Vigiles’ vulnerability monitoring and management capabilities.

Using an RTOS? We’ve Got You Covered

With Vigiles, you can upload an SBOM or use our SBOM generator tool to create reports and monitor Zephyr, FreeRTOS, or Mbed vulnerabilities.

View a sample Zephyr report (requires login):

See a Sample Report

Already Using Black Duck? Stack the Benefits with Vigiles

Black Duck users can add Vigiles to their security toolkit to drastically reduce their workload. Vigiles leverages information from SBOMs to reduce false positives by 95% and reduce CVEs to analyze by 85% as compared to Black Duck. Learn more about how using these function-specific tools in tandem leads to improved efficiency and productivity:

See How Black Duck and Vigiles Work Together

See how Vigiles stacks up to other Software Composition Analysis (SCA) tools:

Compare Vigiles Against Other SCA Tools

See the impact of Vigiles in action

Demo

Schedule a Demo of Timesys Vulnerability Monitoring

Request a personalized demo to see how Vigiles can save you time with a curated database of CVEs, powerful filtering, and on-demand reporting

Webinar

Software Security Management: Cutting through the vulnerability storm with Vigiles

Learn how to use Vigiles for automated security monitoring on your Linux BSPs, rapid security assessment and triage, and efficient security and vulnerability remediation.

Blog

Evaluating vulnerability tools for embedded Linux devices

How to choose the right vulnerability management tool to bring your security maintenance cost down while improving the security posture of the device
