Onekey resources

No market approval without cybersecurity: How companies can successfully implement the CRA

The EU Cyber Resilience Act (CRA) makes cybersecurity a must for CE marking. Learn how companies can achieve compliance, ensure security, and secure market access.

Tanja Sommer

Static Source Code Analysis vs. Binary Scanning

Compare static source code analysis and binary scanning. Learn how ONEKEY gives you full visibility, detects real risks, and generates SBOMs – even without source code.

Sebastian Schneider

Customer Success Engineer

ONEKEY Webinar Secure Private Keys in Public Firmware

Secure your connected products. Join our expert-led webinar to learn how to detect, manage, and prevent private key leaks in firmware. Ideal for PSIRTs and product security teams.

ONEKEY @ All About Automation 2025

Meet ONEKEY at All About Automation Düsseldorf 2025 (Sept 17–18 at Areal Böhler) to explore smart, secure, and compliant industrial automation. Discover how ONEKEY helps secure IoT & OT devices with automated SBOMs, firmware analysis, and IEC 81001-5-1 compliance.

ONEKEY Online Seminar Complying with the EU Cyber Resilience Act

Get ready for the EU Cyber Resilience Act (CRA). Join our expert-led seminar to understand CRA compliance, SBOMs, secure software supply chains, and automated self-assessments. Ideal for product security professionals.

ONEKEY Online Seminar RTOS Analysis

Join the exclusive ONEKEY online seminar to discover powerful RTOS firmware analysis techniques for securing embedded systems, automating compliance, and minimizing vulnerabilities. Register now!

ONEKEY Platform Update May 2025

Explore ONEKEY’s latest platform enhancements, including advanced RTOS firmware analysis, ELF dependency visualization and many more

Tanja Sommer

Security Advisory: Remote Code Execution on Diviotec IP Camera (CVE-2025-5113)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Diviotec IP Cameras. Learn about the risks and recommended actions.

Quentin Kaiser

Lead Security Researcher

Security Advisory: Remote Command Execution on Netcomm NTC 6200 and NWL 222

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Netcomm devices. Learn about the risks and recommended actions.

Quentin Kaiser

Lead Security Researcher

Security Advisory: Remote Command Execution on Smartbedded MeteoBridge (CVE-2025-4008)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Smartbedded MeteoBridge. Learn about the risks and recommended actions.

Quentin Kaiser

Lead Security Researcher

Shell CGI Static Code Analysis - Automatic Discovery of RCEs

Uncover ONEKEY's new shell CGI Static Code Analysis feature, designed to identify critical Remote Code Execution vulnerabilities. Click now to find out more.

Quentin Kaiser

Lead Security Researcher

ONEKEY @ 8th Annual European Medical Device and Diagnostic Cybersecurity Conference 2025 – Meet Us in Berlin!

Visit ONEKEY at Booth 4 during the Medical Device and Diagnostic Cybersecurity Conference 2025, May 13–15 at Mercure Hotel MOA Berlin. Explore our solutions for firmware security, SBOM, and IEC 81001-5-1 compliance.

ONEKEY Online Seminar Automate Vulnerability Management and Impact Assessment in the SDLC

Join our free 45-minute online seminar on May 15 to learn how to automate vulnerability management and impact assessment in the SDLC using ONEKEY. Live demo included.

ONEKEY @ STARTUP AUTOBAHN 2025 – Meet Us in Stuttgart!

Meet ONEKEY & ETAS at EXPO2025 Stuttgart. Discover how we automate product cybersecurity & compliance across the lifecycle—smart, scalable, risk-based.

ONEKEY Online Seminar SBOM Management

Join the exclusive ONEKEY online seminar to learn effective SBOM strategies for securing your software supply chain, simplifying regulatory compliance, and reducing security risks. Register now!

ONEKEY @ Embedded World 2025 – Meet Us in Nuremberg!

ONEKEY will be exhibiting at embedded world 2025 in Nuremberg with Booth 5-376, Hall 5. Attending as well? Let’s meet!

OT & IoT Cybersecurity Report 2024

Critical Vulnerabilities in EV Charging Stations: Analysis of eCharge Controllers

Discover how severe security flaws, including unauthenticated remote command execution (CVE-2024-11665 & CVE-2024-11666), affect eCharge EV charging controllers. Learn about insecure firmware practices, cloud infrastructure issues, and actionable steps to mitigate risks in EV charging systems.

Quentin Kaiser

Lead Security Researcher

ESCAR Europe 2024: THE WORLD'S LEADING AUTOMOTIVE CYBER SECURITY CONFERENCE!

ONEKEY at escar - The World's Leading Automotive Cyber Security Conference 2024 – Elevate Your Automotive Cybersecurity!

Swisscom

How Swisscom saves USD400,000 per avoided IOT security incident through automated firmware analysis

Security Advisory: Unauthenticated Command Injection in Mitel IP Phones

Discover critical vulnerabilities in Mitel SIP phones that allow unauthenticated command injection. Learn how outdated input parsing can expose your devices and why it's essential to scan firmware for security risks. Protect your network with our in-depth analysis and expert takeaways.

Denys Vozniuk

Security Consultant

What is a SBOM and why is it important for cybersecurity?

Learn about the benefits of a SBOM for cybersecurity and how it can improve the security and quality of your products. Read the Latest Blog Post Now!"

Sara Fortmann

Senior Marketing Manager

Understanding the EU Cyber Resilience Act and achieve product cybersecurity compliance with ONEKEY’s whitepaper

ONEKEY Whitepaper: Enhance EU CRA compliance. Streamline supply chain risk management & automate compliance controls for secure device market. Download now!

Sara Fortmann

Senior Marketing Manager

Reducing Common Vulnerabilities and Exposures (CVEs) in Software Development

Stay informed & stay protected with our blog on the EU Cyber Resilience Act. Learn what the new regulation means for your business & how to stay compliant.

Sara Fortmann

Senior Marketing Manager

Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in the TP-Link Archer C5400X router. Learn about the risks and recommended actions.

Security Advisory: Remote Code Execution in Ligowave Devices

Explore the security advisory detailing remote code execution vulnerabilities in Ligowave devices. Learn about the risks & recommended protections.

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6199)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Viasat modems. Learn about the risks and recommended actions.

Quentin Kaiser

Lead Security Researcher

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6198)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Viasat modems. Learn about the risks and recommended actions.

Quentin Kaiser

Lead Security Researcher

The X in XFTP Stands For eXecute

Find out how our platform enhances firmware security by identifying vulnerabilities & bugs in ICT products, ensuring compliance with DORA & NIS2 directive.

ONEKEY 360° Comprehensive Product Cybersecurity & Compliance

This whitepaper targets, Head of Product Cybersecurity, Product Owner, Compliance Professionals and Head of Devel- opment of manufacturers of connected devices.

TACKLING SOFTWARE SUPPLY CHAIN RISKS WITH IEC 62443 AND SBOM

This whitepaper targets security teams of industrial automation and control systems (IACS) asset owners and product suppliers.