Onekey res o urces

Zyxel Strengthens Cybersecurity and Compliance with ONEKEY’s Automated Vulnerability Management

Find out how Zyxel has automated vulnerability management and met CRA compliance requirements. Read the Success Story now!

How Richard Wolf Strengthened Medical Device Cybersecurity Using ONEKEY

Discover how Richard Wolf strengthens medical device cybersecurity with ONEKEY. Read the Success Story Now!

ONEKEY Webinar: CRA Phase I: Incident Reporting & Operational Readiness

Learn how to prepare CRA reporting, escalation, and PIRT processes for operational compliance readiness. Register Now!

SBOM and VEX Workflows for Scalable Vulnerability Management

SBOMs provide transparency, while VEX enables risk-based prioritisation. Learn how to integrate both into compliance workflows.

RTOS Cyber Security and Compliance in Embedded Systems

RTOS-based products introduce long-term security and compliance risks. This guide outlines governance, vulnerability management, and regulatory strategies.

Beyond the Hype: LLMs, Mythos, and the Future of Firmware Analysis

Discover how LLMs like Claude Mythos are reshaping firmware security, accelerating vulnerability discovery, and why deterministic platforms like ONEKEY remain essential for scalable, reliable firmware analysis.

ONEKEY Webinar: From Raw Firmware to Vulnerabilities: Demystifying AUTOSAR SBOM & Risk Mapping

Learn how to analyze AUTOSAR systems directly from raw firmware. Discover how to extract components, generate SBOMs, and map vulnerabilities using PURLs.

ONEKEY Webinar: CRA Harmonized Standards - - Role, Structure and Practical Application for EU Market Access

Get clarity on CRA harmonized standards & learn how to prepare your organization for their practical application – Register now!

Software Supply Chain Security Best Practices: A Strategic Guide for Product Leaders

The CRA is coming. Learn best practices for securing the software supply chain, from SBOMs to binary analysis. Read now!

Threat Modeling in the SDLC: A Strategic Guide for Product Security

Integrate threat modeling efficiently into all phases of the SDLC. Avoid costly design errors and meet CRA requirements. Learn more!

Latest Developments in Unblob: New Formats, Smarter Extraction, and a More Hardened Release Pipeline

Discover what changed in unblob since release 25.11.25, including new firmware and filesystem format support, smarter extraction workflows, robustness fixes, performance improvements, and stronger release security.

ONEKEY Webinar: Post-Quantum Cryptography - Assessing Your PQC Readiness with ONEKEY

Mar 24, 2026

ONEKEY Webinar: Post-Quantum Cryptography - Assessing Your PQC Readiness with ONEKEY

Get a practical introduction to post-quantum cryptography & learn how organizations can assess their PQC readiness using the ONEKEY platform.

ONEKEY Webinar: CRA Harmonized Standards - Role, Structure and Practical Application for EU Market Access

Get clarity on CRA harmonized standards & learn how to prepare your organization for their practical application – Register now!

How OPEX Achieved CRA Readiness Through ONEKEY’s Structured Expert Assessment

Discover how OPEX secured CRA readiness with ONEKEY’s expert assessment. Gain clarity and compliance confidence!

ONEKEY Webinar: What Makes a Good SBOM? Ensuring High-Quality, Actionable Software Bill of Materials

Mar 2, 2026

ONEKEY Webinar: What Makes a Good SBOM? Ensuring High-Quality, Actionable Software Bill of Materials

Learn how to ensure High-Quality, Actionable Software Bill of Materials - Register now!

SBOM For Firmware and Embedded Software in DevSecOps

Learn about the challenges firmware SBOMs pose in DevSecOps and how teams are pragmatically solving them.

What Is a Software Bill of Materials (SBOM)? Meaning, Example & Use Cases

Discover the meaning of a Software Bill of Materials (SBOM), see real examples, and learn how SBOMs strengthen software security and compliance today.

What Is a Security Vulnerability? Definition & Examples

Find out what a security vulnerability is, see common examples of vulnerabilities in security, and learn how to manage risks effectively. Read more!

Meet ONEKEY at embedded world 2026 – Nuremberg

Discover the next level of product cybersecurity & compliance for embedded systems on site in Nuremberg. Book you meeting now!

Meet ONEKEY at the IoT Tech Expo 2026 - London

Meet ONEKEY at IoT Tech Expo 2026 in London to experience automated product cybersecurity and compliance for IoT, OT, and IIoT devices. Secure your systems – at scale.

ONEKEY Webinar Integrating CRA Risk Management into Automated SecDevOps Workflows

Join the ONEKEY webinar to learn how to integrate CRA risk management into automated SecDevOps workflows. Discover best practices for compliance, automation, threat modeling, and continuous security. Register now!

How We Taught Our Platform to Understand RTOS Firmware

Discover how ONEKEY’s platform breaks open real-time operating system (RTOS) firmware. Learn how automated architecture detection, load address recovery, and component identification bring transparency and security to embedded devices in automotive, medical, and industrial sectors.

ONEKEY Webinar From Detection to Decision

Sep 17, 2025

ONEKEY Webinar From Detection to Decision

From Detection to Decision | Improve vulnerability management with ONEKEY. Gain insights, enforce policies & prove compliance. Register for the webinar here.

Sep 15, 2025

ONEKEY Webinar From CRA to RED

From RED to CRA | Master new EU cybersecurity requirements with ONEKEY. Understand CRA, ensure compliance & leverage SBOMs. Register for the webinar now.

Reports

Sep 3, 2025

IoT & OT Cybersecurity Report 2025

Discover key insights from ONEKEY’s 2025 IoT & OT Cybersecurity Report: CRA compliance gaps, SBOM challenges, and urgent steps for secure digital products.

No market approval without cybersecurity: How companies can successfully implement the CRA

Blog

Aug 20, 2025

Customer Success Engineer

No market approval without cybersecurity: How companies can successfully implement the CRA

The EU Cyber Resilience Act (CRA) makes cybersecurity a must for CE marking. Learn how companies can achieve compliance, ensure security, and secure market access.

Static Source Code Analysis vs. Binary Scanning

Compare static source code analysis and binary scanning. Learn how ONEKEY gives you full visibility, detects real risks, and generates SBOMs – even without source code.

Sebastian Schneider

ONEKEY Webinar Secure Private Keys in Public Firmware

Aug 20, 2025

ONEKEY Webinar Secure Private Keys in Public Firmware

Secure your connected products. Join our expert-led webinar to learn how to detect, manage, and prevent private key leaks in firmware. Ideal for PSIRTs and product security teams.

Jun 5, 2025

ONEKEY @ All About Automation 2025

Meet ONEKEY at All About Automation Düsseldorf 2025 (Sept 17–18 at Areal Böhler) to explore smart, secure, and compliant industrial automation. Discover how ONEKEY helps secure IoT & OT devices with automated SBOMs, firmware analysis, and IEC 81001-5-1 compliance.

ONEKEY Online Seminar Complying with the EU Cyber Resilience Act

Jun 4, 2025

ONEKEY Online Seminar Complying with the EU Cyber Resilience Act

Get ready for the EU Cyber Resilience Act (CRA). Join our expert-led seminar to understand CRA compliance, SBOMs, secure software supply chains, and automated self-assessments. Ideal for product security professionals.

Jun 4, 2025

ONEKEY Online Seminar RTOS Analysis

Join the exclusive ONEKEY online seminar to discover powerful RTOS firmware analysis techniques for securing embedded systems, automating compliance, and minimizing vulnerabilities. Register now!

Blog

May 23, 2025

ONEKEY Platform Update May 2025

Explore ONEKEY’s latest platform enhancements, including advanced RTOS firmware analysis, ELF dependency visualization and many more

Security Advisory: Remote Code Execution on Diviotec IP Camera (CVE-2025-5113)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Diviotec IP Cameras. Learn about the risks and recommended actions.

Security Advisory: Remote Command Execution on Netcomm NTC 6200 and NWL 222

Jun 2, 2025

Security Advisory: Remote Command Execution on Netcomm NTC 6200 and NWL 222

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Netcomm devices. Learn about the risks and recommended actions.

Security Advisory: Remote Command Execution on Smartbedded MeteoBridge (CVE-2025-4008)

May 26, 2025

Security Advisory: Remote Command Execution on Smartbedded MeteoBridge (CVE-2025-4008)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Smartbedded MeteoBridge. Learn about the risks and recommended actions.

Shell CGI Static Code Analysis - Automatic Discovery of RCEs

May 23, 2025

Shell CGI Static Code Analysis - Automatic Discovery of RCEs

Uncover ONEKEY's new shell CGI Static Code Analysis feature, designed to identify critical Remote Code Execution vulnerabilities. Click now to find out more.

ONEKEY @ 8th Annual European Medical Device and Diagnostic Cybersecurity Conference 2025 – Meet Us in Berlin!

May 12, 2025

ONEKEY @ 8th Annual European Medical Device and Diagnostic Cybersecurity Conference 2025 – Meet Us in Berlin!

Visit ONEKEY at Booth 4 during the Medical Device and Diagnostic Cybersecurity Conference 2025, May 13–15 at Mercure Hotel MOA Berlin. Explore our solutions for firmware security, SBOM, and IEC 81001-5-1 compliance.

ONEKEY Online Seminar Automate Vulnerability Management and Impact Assessment in the SDLC

May 8, 2025

ONEKEY Online Seminar Automate Vulnerability Management and Impact Assessment in the SDLC

Join our free 45-minute online seminar on May 15 to learn how to automate vulnerability management and impact assessment in the SDLC using ONEKEY. Live demo included.

ONEKEY @ STARTUP AUTOBAHN 2025 – Meet Us in Stuttgart!

May 7, 2025

ONEKEY @ STARTUP AUTOBAHN 2025 – Meet Us in Stuttgart!

Meet ONEKEY & ETAS at EXPO2025 Stuttgart. Discover how we automate product cybersecurity & compliance across the lifecycle—smart, scalable, risk-based.

Apr 11, 2025

ONEKEY Online Seminar SBOM Management

Join the exclusive ONEKEY online seminar to learn effective SBOM strategies for securing your software supply chain, simplifying regulatory compliance, and reducing security risks. Register now!

ONEKEY @ Embedded World 2025 – Meet Us in Nuremberg!

Feb 4, 2025

ONEKEY @ Embedded World 2025 – Meet Us in Nuremberg!

ONEKEY will be exhibiting at embedded world 2025 in Nuremberg with Booth 5-376, Hall 5. Attending as well? Let’s meet!

Reports

Jan 17, 2025

IoT & OT Cybersecurity Report 2024

ONEKEY's Cybersecurity Report 2024 shows: OT & IoT cyber attacks are rising dramatically – the industry is under pressure to act.

Critical Vulnerabilities in EV Charging Stations: Analysis of eCharge Controllers

Nov 26, 2024

Critical Vulnerabilities in EV Charging Stations: Analysis of eCharge Controllers

Discover how severe security flaws, including unauthenticated remote command execution (CVE-2024-11665 & CVE-2024-11666), affect eCharge EV charging controllers. Learn about insecure firmware practices, cloud infrastructure issues, and actionable steps to mitigate risks in EV charging systems.

ESCAR Europe 2024: THE WORLD'S LEADING AUTOMOTIVE CYBER SECURITY CONFERENCE!

Nov 1, 2024

ESCAR Europe 2024: THE WORLD'S LEADING AUTOMOTIVE CYBER SECURITY CONFERENCE!

ONEKEY at escar - The World's Leading Automotive Cyber Security Conference 2024 – Elevate Your Automotive Cybersecurity!

HOW SWISSCOM SAVES USD400,000 PER AVOIDED IOT SECURITY INCIDENT THROUGH AUTOMATED FIRMWARE ANALYSIS

Success Stories

Nov 6, 2024

HOW SWISSCOM SAVES USD400,000 PER AVOIDED IOT SECURITY INCIDENT THROUGH AUTOMATED FIRMWARE ANALYSIS

Pioneering IoT Firmware Security as Key to Quality of Service, Vendor Relations, and Brand Reputation!

Security Advisory: Unauthenticated Command Injection in Mitel IP Phones

Nov 17, 2024

Security Advisory: Unauthenticated Command Injection in Mitel IP Phones

Discover critical vulnerabilities in Mitel SIP phones that allow unauthenticated command injection. Learn how outdated input parsing can expose your devices and why it's essential to scan firmware for security risks. Protect your network with our in-depth analysis and expert takeaways.

What is a SBOM and why is it important for cybersecurity?

Learn about the benefits of a SBOM for cybersecurity and how it can improve the security and quality of your products. Read the Latest Blog Post Now!"

Sara Fortmann

Senior Marketing Manager

Reducing Common Vulnerabilities and Exposures (CVEs) in Software Development

Blog

Jan 15, 2023

Reducing Common Vulnerabilities and Exposures (CVEs) in Software Development

Stay informed & stay protected with our blog on the EU Cyber Resilience Act. Learn what the new regulation means for your business & how to stay compliant.

Sara Fortmann

Senior Marketing Manager

Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X

May 26, 2024

Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in the TP-Link Archer C5400X router. Learn about the risks and recommended actions.

Security Advisory: Remote Code Execution in Ligowave Devices

May 13, 2024

Security Advisory: Remote Code Execution in Ligowave Devices

Explore the security advisory detailing remote code execution vulnerabilities in Ligowave devices. Learn about the risks & recommended protections.

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6199)

Apr 25, 2025

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6199)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Viasat modems. Learn about the risks and recommended actions.

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6198)

Apr 25, 2025

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6198)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Viasat modems. Learn about the risks and recommended actions.

Jul 8, 2024

The X in XFTP Stands For eXecute

Find out how our platform enhances firmware security by identifying vulnerabilities & bugs in ICT products, ensuring compliance with DORA & NIS2 directive.

ONEKEY 360° Comprehensive Product Cybersecurity & Compliance

Whitepapers

Sep 1, 2024

ONEKEY 360° Comprehensive Product Cybersecurity & Compliance

This whitepaper targets, Head of Product Cybersecurity, Product Owner, Compliance Professionals and Head of Devel- opment of manufacturers of connected devices.

TACKLING SOFTWARE SUPPLY CHAIN RISKS WITH IEC 62443 AND SBOM

Whitepapers

Nov 1, 2023