IoT Inspector Industry News Q2 2021

May 10, 2021

Some good news to start with: Germany just passed its IT Security Act 2.0. We welcome this step and love to see that IoT security has finally been given a higher priority! 👏

In March, the FCC banned the use of 5 Chinese IoT manufacturers and OEM suppliers in US federal public administrations for security reasons — including well-known providers Huawei, Hikvision and Dahua. That their products and components are still used by authorities, companies, and organizations around the globe should give us a lot to think about!

Our IoT Security Report 2021, for which we surveyed 260 IT decision-makers, presents alarming findings: IoT security is still neglected by too many companies! There is a widespread lack of risk awareness, and responsibilities are often not clearly defined.

News from IoT Inspector

Our security researchers have been working hard over the past few months and discovered numerous critical vulnerabilities in IoT devices from well-known manufacturers – including D-Link, Fibaro, Cisco (twice!), and Gigaset/Libre Wireless.

You can now access all information and functions in IoT Inspector via our comprehensive GraphQL API. With the newly released SDK, the use of IoT Inspector is made even more flexible – from integration into asset management systems or CI/CD pipelines to feeding vulnerability alerts into SIEMs. Just get in touch with your team representative if you have any questions!

Let’s Meet!

RSA Conference, May 17-20 (Virtual):
This year’s RSA is all about “Resilience”. We are exhibiting at the German joint booth and as our partner, you have the exclusive opportunity to attend the exhibition free of charge. Simply register here using the code 54SIOTINSPE.

SecuTech, June 16 – July 15 (Virtual)
SecuTech in Taiwan will showcase the latest AI & IoT-driven products and solutions from the security, mobility, building and safety sectors. We will be present with a virtual booth and look forward to seeing you there!

IoT Inspector Webinar, May 26, 5pm CET
You’re not sure how to step up your IoT security game? Learn how to protect your business, organization, or customers from threats posed by fatal security vulnerabilities in IoT devices in an automated and efficient way!

We’d be happy to see you at one of our upcoming events!

About ONEKEY

ONEKEY is the leading European specialist in Product Cybersecurity & Compliance Management and part of the investment portfolio of PricewaterhouseCoopers Germany (PwC). The unique combination of an automated Product Cybersecurity & Compliance Platform (PCCP) with expert knowledge and consulting services provides fast and comprehensive analysis, support, and management to improve product cybersecurity and compliance from product purchasing, design, development, production to end-of-life.

Critical vulnerabilities and compliance violations in device firmware are automatically identified in binary code by AI-based technology in minutes – without source code, device, or network access. Proactively audit software supply chains with integrated software bill of materials (SBOM) generation. “Digital Cyber Twins” enable automated 24/7 post-release cybersecurity monitoring throughout the product lifecycle.

The patent-pending, integrated Compliance Wizard™ already covers the upcoming EU Cyber Resilience Act (CRA) and existing requirements according to IEC 62443-4-2, ETSI EN 303 645, UNECE R 155 and many others.

The Product Security Incident Response Team (PSIRT) is effectively supported by the integrated automatic prioritisation of vulnerabilities, significantly reducing the time to remediation.

Leading international companies in Asia, Europe and the Americas already benefit from the ONEKEY Product Cybersecurity & Compliance Platform and ONEKEY Cybersecurity Experts.

CONTACT:

Sara Fortmann

Marketing Manager

sara.fortmann@onekey.com

euromarcom public relations GmbH

+49 611 973 150

team@euromarcom.de