Header Press Iotinspector 768x183

Full control over compliance with IoT security standards

[vc_row][vc_column][vc_column_text]PRESS RELEASE[/vc_column_text][vc_custom_heading][vc_single_image image=”7822″ img_size=”full” media=”3333″ media_width_use_pixel=”yes” media_width_pixel=”348″][vc_column_text][list of security standards updated July 2020]

New functionality automatically detects non-conformities with ENISA, ETSI and OWASP guidelines

Berlin / Vienna – March 2, 2020 – With the new Compliance Checker, the IoT Inspector has recently been expanded to include a valuable feature that now enables users of the analysis platform to examine IoT firmware for compliance with international security standards. Thus, providers can quickly check their products for manufacturer conformity and companies can easily determine whether their IoT devices violate industry compliance regulations. The IoT Inspector experts will give first insights into the new function at NetSec 2020, the partner event of Exclusive Networks, on March 3rd in Vienna.

Security remains the major vulnerability in the Internet of Things and vulnerabilities in IoT devices are the norm rather than the exception. In view of the approximately 27 billion networked devices that are already in use around the world today, there is a cyber-attack surface of unimaginable size. Organizations and authorities, including the European Telecommunications Standards Institute (ETSI), the European Union Agency for Cyber Security (ENISA) and the Open Web Application Security Project (OWASP) have made it their mission to counteract this by adopting IoT security guidelines – for example for critical infrastructures. The Compliance Checker supports companies, infrastructure providers, manufacturers and consultants in the implementation of these guidelines and automatically checks for deviations from the following IoT security standards:

  • BITAG – Broad Internet Technical Advisory Group
  • DIN – Deutsches Institut für Normung
  • ENISA Baseline Security Recommendations for IoT
  • ETSI TS 103 645
  • GOV.UK – Government of the United Kingdom: Department for Digital, Culture, Media and Sport
  • LEGINFO CA GOV – State of California Legislative Information
  • OWASP TOP 10 IoT 2018 

“Legislators are placing increasing pressure on IoT device manufacturers to comply with the most important IoT security standards. And that’s a good thing, because only in this way can we finally guarantee the comprehensive security that has been overdue in the Internet of Things for years,” says Rainer M. Richter, Director Channels & Alliances at SEC Technologies. “With the Compliance Checker, we have now created an opportunity to check firmware for conformity or non-conformity with the most essential security standards – in an automated manner and with little effort. Everyone involved – manufacturers, service providers and end users – benefit in their own way. ”

With the IoT Inspector, the leading European developer of cyber security solutions SEC Technologies has developed a scalable platform that makes it possible to automate security analysis of IoT firmware. The platform offers unique transparency about what is in a firmware image and quickly and comprehensively identifies critical vulnerabilities such as programmed passwords in the firmware file system, outdated third-party components, gaps in the system configuration or SSH host keys, without requiring a source code. The IoT Inspector covers a wide range of IoT devices – including IP cameras, printers, routers, etc.[/vc_column_text][vc_button title=”Find out more” color=”btn-info” button_color=”color-462410″ border_animation=”btn-ripple-out” border_width=”0″ display=”inline” top_margin=”yes” link=”url:%2Ffirmware-analysis%2F|title:Firmware%20Analysis||” width=”175″ el_class=”ark-home-hero-btn-prim”][/vc_column][/vc_row]

About ONEKEY

ONEKEY is the leading European specialist in Product Cybersecurity & Compliance Management. The unique combination of an automated Product Cybersecurity & Compliance Platform (PCCP) with expert knowledge and consulting services provides fast and comprehensive analysis, support and management to improve product cybersecurity and compliance from product purchasing, design, development, production to end-of-life.

Critical vulnerabilities and compliance violations in device firmware are automatically identified in binary code by AI-based technology in minutes – without source code, device or network access. Proactively audit software supply chains with integrated software bill of materials (SBOM) generation. “Digital Cyber Twins” enable automated 24/7 post-release cybersecurity monitoring throughout the product lifecycle.

Integrated compliance checking already covers the upcoming EU Cyber Resilience Act and existing requirements according to IEC62443-4-2, EN303645, UNR155 and many others.

The Product Security Incident Response Team (PSIRT) is effectively supported by the integrated automatic prioritisation of vulnerabilities, significantly reducing the time to remediation.

Leading international companies in Asia, Europe and the Americas already benefit from the ONEKEY Product Cybersecurity & Compliance Platform and ONEKEY Cybersecurity Experts.

CONTACT:

Sara Fortmann

Marketing Manager

sara.fortmann@onekey.com

 

euromarcom public relations GmbH

+49 611 973 150

team@euromarcom.de