Login   |   1.866.392.4897 |   sales@timesys.com
Evaluating vulnerability tools for embedded Linux devices

Evaluating vulnerability tools for embedded Linux devices

by | November 17, 2020

Subscribe to our RSS
Share this on Facebook
Share this on Twitter
Share this on LinkedIn
Share

 

 

Monitoring and managing vulnerabilities in embedded Linux devices presents a unique set of needs that traditional IT vulnerability tools fail to address and result in wasted efforts chasing false positives and inefficiencies due to cumbersome workflows. After evaluating multiple IT cybersecurity tools, we at Timesys ended up creating a vulnerability management tool called Vigiles, which is optimized for embedded devices. This blog aims to share the lessons learned and how the right tool can bring your security maintenance cost down while improving the security posture of the device.

(more…)

Best practices for triaging Common Vulnerabilities & Exposures (CVEs) in embedded systems: Top Three Questions Answered

Best practices for triaging Common Vulnerabilities & Exposures (CVEs) in embedded systems: Top Three Questions Answered

by | September 15, 2020

Subscribe to our RSS
Share this on Facebook
Share this on Twitter
Share this on LinkedIn
Share

 

 

Keeping embedded system products secure requires ongoing, constant monitoring and management of Common Vulnerabilities and Exposures (CVEs) throughout the production lifecycle.

With the constant flood of CVEs reported each week, you need to have a process for understanding the exposure of your embedded system devices to cybersecurity exploits. It is important to see how CVEs apply to your product so you can quickly address the vulnerabilities that pose the greatest risk.

(more…)

Vulnerability management and triaging

Vulnerability management and triaging

by | September 10, 2020

Subscribe to our RSS
Share this on Facebook
Share this on Twitter
Share this on LinkedIn
Share

 

 

With 300+ vulnerabilities being reported weekly in the US National Vulnerability Database (NVD), it is more challenging than ever to maintain the security of open source and third-party software used in embedded system products. One common approach to tackle the problem is to adopt a risk-based vulnerability management strategy in which vulnerabilities that pose the highest risk to your organization are remediated first. This blog outlines how to establish such an process as part of your software development lifecycle while keeping the maintenance cost and risk of exposure low.

(more…)

Webinar with NXP: CVE triage best practices for efficient vulnerability mitigation

Webinar with NXP: CVE triage best practices for efficient vulnerability mitigation

by | August 17, 2020

Subscribe to our RSS
Share this on Facebook
Share this on Twitter
Share this on LinkedIn
Share

 

 

Securing your embedded system devices is no longer just a final step in product development.

Security today must be a continuous process, a focus at every stage of your software development, release and maintenance cycles.

That’s because today’s vulnerability environment is radically different from the past. Hundreds of vulnerabilities that may or may not affect your products come to light every week.

(more…)

Vigiles Quick Start … because securing your products doesn’t have to be hard

Vigiles Quick Start … because securing your products doesn’t have to be hard

by | July 15, 2020

Subscribe to our RSS
Share this on Facebook
Share this on Twitter
Share this on LinkedIn
Share

 

 

There is an old saying among cybersecurity vulnerability management practitioners:

The “good guys” have to get it right every time.

The “bad guys” have to get it right only once.

That means that the “good guys” — the security professionals whose mission is to keep corporate data safe — need to monitor, analyze and respond to every vulnerability that puts their systems, users and data at risk.

(more…)

BSP Lifecycle Maintenance: Top Three Questions Answered

BSP Lifecycle Maintenance: Top Three Questions Answered

by | June 13, 2020

Subscribe to our RSS
Share this on Facebook
Share this on Twitter
Share this on LinkedIn
Share

 

 

Security is critical throughout the lifetime of an embedded system. Continually changing threat environments, new deployment modes and third-party software updates mean that the BSP software for an embedded system device can no longer remain static and “frozen.”

(more…)

Vigiles Enhancements: Software Composition Analysis (SCA) & CVE Mitigation for Stronger Embedded System Security

Vigiles Enhancements: Software Composition Analysis (SCA) & CVE Mitigation for Stronger Embedded System Security

by | April 22, 2020

Subscribe to our RSS
Share this on Facebook
Share this on Twitter
Share this on LinkedIn
Share

 

 

A giant list of vulnerabilities does little to help you bring more secure products to market.

What matters is how you filter the list, triage the vulnerabilities, and mitigate the ones that pose the greatest risk.

That’s why the new enhancements to our Timesys Vigiles Security Monitoring & Management Service will enable you to develop more secure embedded system products today and maintain stronger product security throughout their lifecycles.

(more…)

Stop Chasing Vulnerability Ghosts: Why efficient vulnerability detection is essential to medical device security

Stop Chasing Vulnerability Ghosts: Why efficient vulnerability detection is essential to medical device security

by | April 1, 2020

Subscribe to our RSS
Share this on Facebook
Share this on Twitter
Share this on LinkedIn
Share

 

 

To detect and correct vulnerabilities, eliminate false positives and prioritize the rest

Every embedded system device maker should want to make security a selling point, preventing breaches or exploits, not an embarrassment if a security problem occurs.

But nothing equals the liability and regulatory risk associated with medical devices.

(more…)

Medical Devices: Automated Vulnerability Monitoring for Streamlined FDA Security Compliance

Medical Devices: Automated Vulnerability Monitoring for Streamlined FDA Security Compliance

by | March 6, 2020

Subscribe to our RSS
Share this on Facebook
Share this on Twitter
Share this on LinkedIn
Share

 

 

Reducing cybersecurity risks to medical devices is essential. Regulators like the US Food and Drug Administration (FDA) have made improving medical device security a critical focus in recent years.

This means many in the medical device manufacturing community are now rethinking how the software components of their products are secured throughout their product lifecycles.

(more…)

Click to Hide Advanced Floating Content

Keep your IoT device secure throughout its lifecycle