New Solution on Automated Zero-Day Exploits Discovery!
Time-consuming detection task will be obsolete
Finding unknown software vulnerabilities is mostly a manual, time- and resource consuming task. Today’s automated vulnerability detection solutions typically search for files and patterns with known vulnerabilities. There are large, publicly available databases for software vulnerabilities to simplify software development, testing and related security. The “holy grail” on product cybersecurity is to find unknown zero-day vulnerabilities in a fully automated way. This would lead to significantly more secure software and significantly less probability of misuse or being hacked – while reducing development time and resources.Generate your SBOM – automatically!
ONEKEY’s new automated detection capabilities have already uncovered multiple critical zero-day vulnerabilities that lead to remote code execution in IoT and OT devices – only by feeding the binary firmware image into the ONEKEY firmware analysis platform. Based on the binary analysis, the software gives clear results about critical security issues and hints for the appropriate elimination. It also generates automatically a SBOM (Software Bill of Materials) as it will be required by the EU authorities soon. Find more about secure supply chains in our latest Whitepaper “Tackling software supply chain with IEC62443 and SBOM”.ONEKEY saves you from Zero-Day Exploits
The ONEKEY platform extracts the firmware automatically, attack surface is mapped automatically, entry points for attackers are identified automatically and dangerous functions, which can be exploited by attackers, are evaluated and verified so that only the relevant ones are highlighted. Everything provided with actionable advice & pinpointing to affected areas in the firmware application.Automated Zero-Day detection is a new era
The new detection capabilities have uncovered already multiple unknown, zero-day vulnerabilities. Based on ONEKEY’s responsible disclosure policy, the device producer not yet working with ONEKEY will be informed confidentially. After the industry standard 90 days grace period, vulnerability results will be published to the public in detailed cybersecurity advisories. The new automated zero-day detection capabilities marking only the beginning of a new era – to support an increased discovery rate of critical zero-day vulnerabilities in IoT and OT devices, ONEKEY registered as CNA (CVE Numbering Authority) to better support responsible disclosure processes with producers and contribute to securing the Internet of Things. Read the press release "ONEKEY announces automated detection of zero-day vulnerabilities" PRESS RELEASE "ONEKEY ANNOUNCES AUTOMATED DETECTION OF ZERO-DAY VULNERABILITIES"About Onekey
ONEKEY is the leading European specialist in Product Cybersecurity & Compliance Management and part of the investment portfolio of PricewaterhouseCoopers Germany (PwC). The unique combination of an automated Product Cybersecurity & Compliance Platform (PCCP) with expert knowledge and consulting services provides fast and comprehensive analysis, support, and management to improve product cybersecurity and compliance from product purchasing, design, development, production to end-of-life.
CONTACT:
Sara Fortmann
Marketing Manager
sara.fortmann@onekey.com
euromarcom public relations GmbH
+49 611 973 150
team@euromarcom.de
RELATED BLOG POST
Understanding the EU Cyber Resilience Act and achieve product cybersecurity compliance with ONEKEY’s whitepaper
ONEKEY Whitepaper: Enhance EU CRA compliance. Streamline supply chain risk management & automate compliance controls for secure device market. Download now!
Ready to automate your Product Cybersecurity & Compliance?
Make cybersecurity and compliance efficient and effective with ONEKEY.