2021 was a banner year for cybersecurity attacks
|
Embedded Systems
A Timesys Deep Dive
January 2022
|
|
|
Cybersecurity in the news
Organizations Face a ‘Losing Battle’ Against Vulnerabilities
Companies must take more ‘innovative and proactive’ approaches to security in 2022 to combat threats that emerged last year, researchers say
From the Colonial Pipeline attack and the explosion of ransomware to the supply chain emerging as a “primary attack surface,” 2021 was a banner year for cybersecurity attacks.
And according to an annual security report from Bugcrowd, the attacks have become even more sophisticated: some groups track critical vulnerabilities that haven’t yet been detected by organizations, finding the gaps where they can strike and exploit the CVEs.
These trends have made one thing very clear: a proactive security approach is an absolute necessity for 2022. Read the full article here.
Ready to get proactive in the vulnerability battle? Try out our Vigiles vulnerability monitoring and remediation tool – free for 30 days.
|
SBOM Management Just Got Easier with the Latest Vigiles Release
Vigiles, our best-in-class CVE monitoring and remediation tool, is the only Software Composition Analysis tool that’s optimized for embedded. And with the latest release of Vigiles (December 2021), we’ve added two key features:
1. Export your Software Bill of Materials (SBOM) in SPDX format
SPDX format is an international open standard for SBOMs that communicates information including components, licenses, copyrights, and security references. This feature is helpful for tracking packages, reporting, audits, and streamlining and improving compliance.
2. Vigiles Supports OpenWrt
Vigiles supports all major Linux build system integrations including Yocto, Buildroot, Timesys Factory, PetaLinux, Wind River Linux, PTXdist, and now, OpenWrt. With this latest feature, you can track CVEs filed against OpenWrt.
Log in to check out the latest release or Get started with a free trial of Vigiles Prime
|
Our Gift To You: A Nerdy Cybersecurity Video Game Timesys CVE Invaders
Tired of chasing vulnerabilities all day? Have you ever dreamed of shooting them with a laser to make them go away? Now is your chance: try our new CVE mitigation game, CVE Invaders!
Use your old-school video game skills and the powerful Vigiles scan tool to defeat CVEs and bugs. Eliminate enough CVEs to meet the minimum security requirement, and move on to the next level. Just like in real life, the CVEs will keep coming, but as you sharpen your skills and use the right tools, you’ll get better and faster at defeating them. Ready to play?
|
5 Lessons Learned From the Log4j Vulnerability...and How the Embedded Industry Can Be Better Prepared for the Next One
What can we learn from this historic attack? Read the full post for five key takeaways for embedded:
|
|
Watch our latest presentations on-demand
|
Vigiles Demo Webcast with NXP: Supercharge your vulnerability management
Timesys-NXP webinar and demo
- How to choose the right tool for embedded system security maintenance and achieving industry compliance
- Vigiles demo & new features (Jira integration, license and policy alerts, manifest comparison, new APIs)
|
|
Using Yocto to Secure Your Device: From Development to Production
Yocto Project Virtual Summit presentation
- How to leverage Yocto’s extensibility and flexibility to streamline development and keep products secure
- Key security ideas and their implementation in Yocto for different stages of development
|
|
|
Sneak Preview: You’ve Got Questions – We’ve Got Answers
A monthly embedded cybersecurity webinar + live Q&A
Starting next month, we’ll be hosting a monthly webinar + live session with our technical specialists. The first part of the session will focus on a rotating series of cybersecurity and embedded topics, while the second part will be a live, open forum for questions. Ask all your burning questions and get answers from the technical experts you trust.
Keep an eye out for your invite!
What topics would you like to see us cover? Just reply to this email with your questions and ideas.
Can’t wait until next month?
|
We Want Your Feedback
|
|
Last chance to get early access to survey results
5 days left to participate in the 5-minute IoT Device Manufacturer Security Survey
We are conducting an industry-wide, global survey to better understand where IoT device manufacturers are on their cybersecurity journey, and we want to hear from you.
All participants will get early access to the results, and 5 participants will randomly be selected to receive a USD$50 Visa gift card.
Survey closes February 1, 2022.
|
|
|
©2022 Timesys Corporation. 1905 Boulevard of the Allies, Pittsburgh, PA 15219
Timesys, the Timesys logo, and Vigiles are trademarks or registered trademarks of Timesys Corporation. Linux is a registered trademark of Linus Torvalds in the United States and other countries. All other company and product names mentioned are trademarks and/or registered trademarks of their respective owners. |
|