Automated Vulnerability Monitoring and Patch Monitoring Service Cuts Security Maintenance by More Than 90 Percent, Reducing Security Breach Risk
Timesys Corporation, industry pioneer and leading provider of embedded, open source software, engineering services, and security solutions, recently announced that it has collaborated with NXP® Semiconductors to combine Timesys Vigiles Security Monitoring & Management Service with NXP processors to automatically monitor and identify vulnerabilities in open source software components and Yocto Linux distributions rapidly and efficiently.
The Timesys Vigiles service streamlines security maintenance for embedded systems using open source components, enabling product developers to ensure their products stay secure in today’s heightened security breach environment. The embedded device security service can cut security maintenance time and cost by an estimated 90 percent or more.
“The pressure to bring new products to market quickly is always rising. But at the same time, security has never been more critical for embedded systems,” said Atul Bansal, CEO of Timesys. “We’re collaborating with NXP to give product developers the best of both worlds. They not only can bring secure NXP processor-based products to market more rapidly but also ensure those products stay secure throughout their lifecycles.”
Vigiles improves product security with automated vulnerability monitoring, filtering and patch notification, creating the basis for high-efficiency vulnerability management workflows that accelerate vulnerability detection, investigation and mitigation.
The result is a dramatic reduction in cost and effort to manage security and fix vulnerabilities before they result in major security breaches. Vigiles enables product developers to reduce risk with better embedded system security while consuming less time and resources on security tasks.
“NXP is committed to ensuring that products built using our processors are as secure as possible, which is why we have chosen Timesys’ Vigiles scanning service,” said Rob Oshana, vice president of software development at NXP. “Vulnerability scanning and patch management tools of this caliber have not previously been offered by a semiconductor manufacturer. We’re happy to offer this new level of security with the Vigiles scanning service to our customers.”
Hundreds of new vulnerabilities affecting software systems are disclosed every week by services such as the Common Vulnerabilities & Exposures (CVE) database operated by the US National Institute of Standards and Technology (NIST).
Named for legendary city watchmen of ancient Rome, Vigiles acts as an automated CVE scanner and CVE notifier, pinpointing and filtering the vulnerabilities that directly affect the components of particular products.
With a vulnerability report dashboard and collaboration tools, developers can track issues, prioritize vulnerabilities, and work together to fix them. Engineering managers can view broad product level security status and track overall progress toward more secure products. Vigiles also automatically provides suggested fixes, such as providing patch notification and update information to simplify patch management.
Individual developers can use Vigiles for free by signing up today for Vigiles Basic: https://nxp.com/vigiles
For more information, visit https://www.timesys.com.