The First Auto-Generated IoT Device-Specific Security Agent Is Tailored for Each Device Based on the Analysis of Its Firmware Binary by VDOO’s Analysis Platform
VDOO (www.vdoo.com), the leader in embedded device security, has announced the availability of its ERA™ – Embedded Runtime Agent for ongoing connected device security. The VDOO agent is automatically tailored for each device based on an analysis of its firmware binary by Vision – VDOO’s analysis platform, focusing on the device’s threat landscape and resources, while avoiding any significant performance or functionality impact to the device.
“While the VDOO analysis solution, Vision, provides the ultimate tools to properly implement security building blocks and mitigate threats on connected devices, attack methods always evolve and one must have evolving countermeasures that can deal with the unknown. For that we offer ERA, the first and only runtime security solution for IoT that takes in account each devices’ specific attributes and threat landscape,” said Netanel Davidi, co-founder and co-CEO at VDOO.
Read More: Interview with Cédric Carbone, CTO at Ogury
Based on VDOO’s analysis of more than 4,000 IoT device firmware binaries, 98% of firmware files contain at least one vulnerability that scored higher than 7.0 (High) on the Common Vulnerability Scoring System (CVSSv3) scale. This level of vulnerability is typically reserved for items with actionable exploits which can be executed with minor or no authentication, either locally or remotely. In addition, in the past year, IoT makers have been able to quickly address and mitigate more than 120 zero-day vulnerabilities using VDOO’s Vision™ analysis platform.
VDOO’s Embedded Runtime Agent (ERA™)
The VDOO ERA™ was created with the specific challenges of IoT devices in mind and as such:
- Is the first on-device software that is automatically tailored for each specific device
- Operates with minimal CPU, storage and memory overheads
- Provides a range of protection types against known and unknown vulnerabilities
- Enables the user to choose between a detect or block operation mode
In addition to on-device runtime protection, the VDOO ERA™ is able to communicate with other network elements for enhanced network security. VDOO works with leading security vendors to enable communication with network-based security solutions such as Network Access Control (NAC), Firewalls, Security Information and Event Management (SIEM) software, and IoT gateways.
VDOO’s End-to-End Solution
VDOO’s end-to-end platform facilitates security and trust for IoT devices throughout the entire device lifecycle in a cost and effort efficient manner — from security analysis to implementation, certification and post-deployment security enablement.
The VDOO Vision™ Analysis Platform is a web-based service that performs automated analysis of a device’s firmware and determines its security gaps and requirements. Following the device’s analysis, the VDOO platform offers detailed guidance for vendors to efficiently and properly implement the identified requirements. Once security features have been implemented, the platform validates this, and provides a physical and digital certification to communicate the device’s security standing to the world.
Completing the end-to-end solution are the VDOO Embedded Runtime Agent (ERA™) and Honeypot (Quicksand™). The agent, released today, provides post-deployment detection, prevention, and mitigation capabilities against zero-days, known attack methods, and embedded devices’ malware. VDOO’s IoT honeypot works on a physical device or via emulation, providing intelligence to prepare mitigations, predict future attacks, and reveal new vulnerabilities.
The VDOO Certified Security Engineer (VCSE) Program
To complement its product offerings, VDOO has launched the VDOO Certified Security Engineer (VCSE) program to share its knowledge and research across the IoT industry.
The VCSE program is a formal, hands-on training that provides extensive insight into how to integrate security into the development of IoT devices. By actively taking part in sessions on threats, security implementation and testing methodologies, including hands-on lab experience, attendees will gain the fundamental security knowledge necessary to develop secure IoT devices.