Onekey resources

Access the latest Whitepaper, Datasheets, research, and security advisories on cybersecurity and compliance—all in one place.

Featured resources

ONEKEY Webinar Integrating CRA Risk Management into Automated SecDevOps Workflows

Events

Nov 14, 2025

min read

ONEKEY Webinar Integrating CRA Risk Management into Automated SecDevOps Workflows

Join the ONEKEY webinar to learn how to integrate CRA risk management into automated SecDevOps workflows. Discover best practices for compliance, automation, threat modeling, and continuous security. Register now!

How We Taught Our Platform to Understand RTOS Firmware

Discover how ONEKEY’s platform breaks open real-time operating system (RTOS) firmware. Learn how automated architecture detection, load address recovery, and component identification bring transparency and security to embedded devices in automotive, medical, and industrial sectors.

Quentin Kaiser

Lead Security Researcher

ONEKEY Webinar From Detection to Decision

Events

Sep 17, 2025

min read

ONEKEY Webinar From Detection to Decision

From Detection to Decision | Improve vulnerability management with ONEKEY. Gain insights, enforce policies & prove compliance. Register for the webinar here.

Events

Sep 15, 2025

min read

ONEKEY Webinar From CRA to RED

From RED to CRA | Master new EU cybersecurity requirements with ONEKEY. Understand CRA, ensure compliance & leverage SBOMs. Register for the webinar now.

Whitepapers

Sep 3, 2025

min read

IoT & OT Cybersecurity Report 2025

Discover key insights from ONEKEY’s 2025 IoT & OT Cybersecurity Report: CRA compliance gaps, SBOM challenges, and urgent steps for secure digital products.

No market approval without cybersecurity: How companies can successfully implement the CRA

Blog

Aug 20, 2025

min read

No market approval without cybersecurity: How companies can successfully implement the CRA

The EU Cyber Resilience Act (CRA) makes cybersecurity a must for CE marking. Learn how companies can achieve compliance, ensure security, and secure market access.

Static Source Code Analysis vs. Binary Scanning

Compare static source code analysis and binary scanning. Learn how ONEKEY gives you full visibility, detects real risks, and generates SBOMs – even without source code.

Sebastian Schneider

Customer Success Engineer

ONEKEY Webinar Secure Private Keys in Public Firmware

Events

Aug 20, 2025

min read

ONEKEY Webinar Secure Private Keys in Public Firmware

Secure your connected products. Join our expert-led webinar to learn how to detect, manage, and prevent private key leaks in firmware. Ideal for PSIRTs and product security teams.

Events

Jun 5, 2025

min read

ONEKEY @ All About Automation 2025

Meet ONEKEY at All About Automation Düsseldorf 2025 (Sept 17–18 at Areal Böhler) to explore smart, secure, and compliant industrial automation. Discover how ONEKEY helps secure IoT & OT devices with automated SBOMs, firmware analysis, and IEC 81001-5-1 compliance.

ONEKEY Online Seminar Complying with the EU Cyber Resilience Act

Events

Jun 4, 2025

min read

ONEKEY Online Seminar Complying with the EU Cyber Resilience Act

Get ready for the EU Cyber Resilience Act (CRA). Join our expert-led seminar to understand CRA compliance, SBOMs, secure software supply chains, and automated self-assessments. Ideal for product security professionals.

Events

Jun 4, 2025

min read

ONEKEY Online Seminar RTOS Analysis

Join the exclusive ONEKEY online seminar to discover powerful RTOS firmware analysis techniques for securing embedded systems, automating compliance, and minimizing vulnerabilities. Register now!

Blog

May 23, 2025

min read

ONEKEY Platform Update May 2025

Explore ONEKEY’s latest platform enhancements, including advanced RTOS firmware analysis, ELF dependency visualization and many more

Security Advisory: Remote Code Execution on Diviotec IP Camera (CVE-2025-5113)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Diviotec IP Cameras. Learn about the risks and recommended actions.

Quentin Kaiser

Lead Security Researcher

Security Advisory: Remote Command Execution on Netcomm NTC 6200 and NWL 222

Research

Jun 2, 2025

min read

Security Advisory: Remote Command Execution on Netcomm NTC 6200 and NWL 222

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Netcomm devices. Learn about the risks and recommended actions.

Quentin Kaiser

Lead Security Researcher

Security Advisory: Remote Command Execution on Smartbedded MeteoBridge (CVE-2025-4008)

Research

May 26, 2025

min read

Security Advisory: Remote Command Execution on Smartbedded MeteoBridge (CVE-2025-4008)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Smartbedded MeteoBridge. Learn about the risks and recommended actions.

Quentin Kaiser

Lead Security Researcher

Shell CGI Static Code Analysis - Automatic Discovery of RCEs

Research

May 23, 2025

min read

Shell CGI Static Code Analysis - Automatic Discovery of RCEs

Uncover ONEKEY's new shell CGI Static Code Analysis feature, designed to identify critical Remote Code Execution vulnerabilities. Click now to find out more.

Quentin Kaiser

Lead Security Researcher

ONEKEY @ 8th Annual European Medical Device and Diagnostic Cybersecurity Conference 2025 – Meet Us in Berlin!

Events

May 12, 2025

min read

ONEKEY @ 8th Annual European Medical Device and Diagnostic Cybersecurity Conference 2025 – Meet Us in Berlin!

Visit ONEKEY at Booth 4 during the Medical Device and Diagnostic Cybersecurity Conference 2025, May 13–15 at Mercure Hotel MOA Berlin. Explore our solutions for firmware security, SBOM, and IEC 81001-5-1 compliance.

ONEKEY Online Seminar Automate Vulnerability Management and Impact Assessment in the SDLC

Events

May 8, 2025

min read

ONEKEY Online Seminar Automate Vulnerability Management and Impact Assessment in the SDLC

Join our free 45-minute online seminar on May 15 to learn how to automate vulnerability management and impact assessment in the SDLC using ONEKEY. Live demo included.

ONEKEY @ STARTUP AUTOBAHN 2025 – Meet Us in Stuttgart!

Events

May 7, 2025

min read

ONEKEY @ STARTUP AUTOBAHN 2025 – Meet Us in Stuttgart!

Meet ONEKEY & ETAS at EXPO2025 Stuttgart. Discover how we automate product cybersecurity & compliance across the lifecycle—smart, scalable, risk-based.

Events

Apr 11, 2025

min read

ONEKEY Online Seminar SBOM Management

Join the exclusive ONEKEY online seminar to learn effective SBOM strategies for securing your software supply chain, simplifying regulatory compliance, and reducing security risks. Register now!

ONEKEY @ Embedded World 2025 – Meet Us in Nuremberg!

Events

Feb 4, 2025

min read

ONEKEY @ Embedded World 2025 – Meet Us in Nuremberg!

ONEKEY will be exhibiting at embedded world 2025 in Nuremberg with Booth 5-376, Hall 5. Attending as well? Let’s meet!

Whitepapers

Jan 17, 2025

min read

OT & IoT Cybersecurity Report 2024

ONEKEY's Cybersecurity Report 2024 shows: OT & IoT cyber attacks are rising dramatically – the industry is under pressure to act.

Critical Vulnerabilities in EV Charging Stations: Analysis of eCharge Controllers

Research

Nov 26, 2024

min read

Critical Vulnerabilities in EV Charging Stations: Analysis of eCharge Controllers

Discover how severe security flaws, including unauthenticated remote command execution (CVE-2024-11665 & CVE-2024-11666), affect eCharge EV charging controllers. Learn about insecure firmware practices, cloud infrastructure issues, and actionable steps to mitigate risks in EV charging systems.

Quentin Kaiser

Lead Security Researcher

ESCAR Europe 2024: THE WORLD'S LEADING AUTOMOTIVE CYBER SECURITY CONFERENCE!

Events

Nov 1, 2024

min read

ESCAR Europe 2024: THE WORLD'S LEADING AUTOMOTIVE CYBER SECURITY CONFERENCE!

ONEKEY at escar - The World's Leading Automotive Cyber Security Conference 2024 – Elevate Your Automotive Cybersecurity!

Success Stories

Nov 6, 2024

min read

Swisscom

How Swisscom saves USD400,000 per avoided IOT security incident through automated firmware analysis

Security Advisory: Unauthenticated Command Injection in Mitel IP Phones

Research

Nov 17, 2024

min read

Security Advisory: Unauthenticated Command Injection in Mitel IP Phones

Discover critical vulnerabilities in Mitel SIP phones that allow unauthenticated command injection. Learn how outdated input parsing can expose your devices and why it's essential to scan firmware for security risks. Protect your network with our in-depth analysis and expert takeaways.

What is a SBOM and why is it important for cybersecurity?

Learn about the benefits of a SBOM for cybersecurity and how it can improve the security and quality of your products. Read the Latest Blog Post Now!"

Sara Fortmann

Senior Marketing Manager

Reducing Common Vulnerabilities and Exposures (CVEs) in Software Development

Blog

Jan 15, 2023

min read

Reducing Common Vulnerabilities and Exposures (CVEs) in Software Development

Stay informed & stay protected with our blog on the EU Cyber Resilience Act. Learn what the new regulation means for your business & how to stay compliant.

Sara Fortmann

Senior Marketing Manager

Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X

Research

May 26, 2024

min read

Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in the TP-Link Archer C5400X router. Learn about the risks and recommended actions.

Security Advisory: Remote Code Execution in Ligowave Devices

Research

May 13, 2024

min read

Security Advisory: Remote Code Execution in Ligowave Devices

Explore the security advisory detailing remote code execution vulnerabilities in Ligowave devices. Learn about the risks & recommended protections.

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6199)

Research

Apr 25, 2025

min read

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6199)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Viasat modems. Learn about the risks and recommended actions.

Quentin Kaiser

Lead Security Researcher

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6198)

Research

Apr 25, 2025

min read

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6198)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Viasat modems. Learn about the risks and recommended actions.

Quentin Kaiser

Lead Security Researcher

Research

Jul 8, 2024

min read

The X in XFTP Stands For eXecute

Find out how our platform enhances firmware security by identifying vulnerabilities & bugs in ICT products, ensuring compliance with DORA & NIS2 directive.

ONEKEY 360° Comprehensive Product Cybersecurity & Compliance

Whitepapers

Sep 1, 2024

min read

ONEKEY 360° Comprehensive Product Cybersecurity & Compliance

This whitepaper targets, Head of Product Cybersecurity, Product Owner, Compliance Professionals and Head of Devel- opment of manufacturers of connected devices.

TACKLING SOFTWARE SUPPLY CHAIN RISKS WITH IEC 62443 AND SBOM

Whitepapers

Nov 1, 2023

min read

TACKLING SOFTWARE SUPPLY CHAIN RISKS WITH IEC 62443 AND SBOM

This whitepaper targets security teams of industrial automation and control systems (IACS) asset owners and product suppliers.

Events

Nov 14, 2025

min read

ONEKEY Webinar Integrating CRA Risk Management into Automated SecDevOps Workflows

Research

Sep 22, 2025

min read

How We Taught Our Platform to Understand RTOS Firmware

Events

Sep 17, 2025

min read

ONEKEY Webinar From Detection to Decision

From Detection to Decision | Improve vulnerability management with ONEKEY. Gain insights, enforce policies & prove compliance. Register for the webinar here.

Events

Sep 15, 2025

min read

ONEKEY Webinar From CRA to RED

From RED to CRA | Master new EU cybersecurity requirements with ONEKEY. Understand CRA, ensure compliance & leverage SBOMs. Register for the webinar now.

Whitepapers

Sep 3, 2025

min read

IoT & OT Cybersecurity Report 2025

Discover key insights from ONEKEY’s 2025 IoT & OT Cybersecurity Report: CRA compliance gaps, SBOM challenges, and urgent steps for secure digital products.

Blog

Aug 20, 2025

min read

No market approval without cybersecurity: How companies can successfully implement the CRA

The EU Cyber Resilience Act (CRA) makes cybersecurity a must for CE marking. Learn how companies can achieve compliance, ensure security, and secure market access.

Blog

Aug 20, 2025

min read

Static Source Code Analysis vs. Binary Scanning

Compare static source code analysis and binary scanning. Learn how ONEKEY gives you full visibility, detects real risks, and generates SBOMs – even without source code.

Events

Aug 20, 2025

min read

ONEKEY Webinar Secure Private Keys in Public Firmware

Secure your connected products. Join our expert-led webinar to learn how to detect, manage, and prevent private key leaks in firmware. Ideal for PSIRTs and product security teams.

ONEKEY @ IoT Tech Expo 2025 – Let's Meet AT Booth 109

Events

Aug 6, 2025

min read

ONEKEY @ IoT Tech Expo 2025 – Let's Meet AT Booth 109

Meet ONEKEY at IoT Tech Expo 2025 in Amsterdam to experience automated product cybersecurity and compliance for IoT, OT, and IIoT devices. Secure your systems – at scale.

Oops!

No result found

Please try a different category.

Ready to automate your Product Cybersecurity & Compliance?

Make cybersecurity and compliance efficient and effective with ONEKEY.

See it in Action

Onekey resources

Featured resources

ONEKEY Webinar Integrating CRA Risk Management into Automated SecDevOps Workflows

How We Taught Our Platform to Understand RTOS Firmware

ONEKEY Webinar From Detection to Decision

ONEKEY Webinar From CRA to RED

IoT & OT Cybersecurity Report 2025

No market approval without cybersecurity: How companies can successfully implement the CRA

Static Source Code Analysis vs. Binary Scanning

ONEKEY Webinar Secure Private Keys in Public Firmware

ONEKEY @ All About Automation 2025

ONEKEY Online Seminar Complying with the EU Cyber Resilience Act

ONEKEY Online Seminar RTOS Analysis

ONEKEY Platform Update May 2025

Security Advisory: Remote Code Execution on Diviotec IP Camera (CVE-2025-5113)

Security Advisory: Remote Command Execution on Netcomm NTC 6200 and NWL 222

Security Advisory: Remote Command Execution on Smartbedded MeteoBridge (CVE-2025-4008)

Shell CGI Static Code Analysis - Automatic Discovery of RCEs

ONEKEY @ 8th Annual European Medical Device and Diagnostic Cybersecurity Conference 2025 – Meet Us in Berlin!

ONEKEY Online Seminar Automate Vulnerability Management and Impact Assessment in the SDLC

ONEKEY @ STARTUP AUTOBAHN 2025 – Meet Us in Stuttgart!

ONEKEY Online Seminar SBOM Management

ONEKEY @ Embedded World 2025 – Meet Us in Nuremberg!

OT & IoT Cybersecurity Report 2024

Critical Vulnerabilities in EV Charging Stations: Analysis of eCharge Controllers

ESCAR Europe 2024: THE WORLD'S LEADING AUTOMOTIVE CYBER SECURITY CONFERENCE!

Swisscom

Security Advisory: Unauthenticated Command Injection in Mitel IP Phones

What is a SBOM and why is it important for cybersecurity?

Reducing Common Vulnerabilities and Exposures (CVEs) in Software Development

Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X

Security Advisory: Remote Code Execution in Ligowave Devices

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6199)

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6198)

The X in XFTP Stands For eXecute

ONEKEY 360° Comprehensive Product Cybersecurity & Compliance

TACKLING SOFTWARE SUPPLY CHAIN RISKS WITH IEC 62443 AND SBOM

All resources

ONEKEY Webinar Integrating CRA Risk Management into Automated SecDevOps Workflows

How We Taught Our Platform to Understand RTOS Firmware

ONEKEY Webinar From Detection to Decision

ONEKEY Webinar From CRA to RED

IoT & OT Cybersecurity Report 2025

No market approval without cybersecurity: How companies can successfully implement the CRA

Static Source Code Analysis vs. Binary Scanning

ONEKEY Webinar Secure Private Keys in Public Firmware

ONEKEY @ IoT Tech Expo 2025 – Let's Meet AT Booth 109

Ready to automate your Product Cybersecurity & Compliance?