This report analyzes the new US cybersecurity strategy through a product security lens
a rundown of FDA, NIST, IEC, IMDRF, and other med device security regulations
Learn what the FDA’s focus on SBOMS means for medical device manufacturers.
Adopt a new approach to stay on top of security and compliance from design to post-production
Dive in to learn what tomorrow’s Pre & Post Market medical device cybersecurity regulations will be.
How can device manufacturers proactively secure products, throughout their lifecycle?
Learn how to build PSIRT, that intelligently anticipates cyber risks and ensures resilience.
Learn how to share critical vulnerability data with formats like VEX, relevant use cases, and challenges.
Learn how automation and deep visibility allow PSIRT to manage security incidents post-production and reduce the risk of regulatory violations, liability claims, and brand equity erosion.
Learn how to manage and control licensing risks at scale, while minimizing manual efforts.
Supermicro wanted a list of open-source and third-party licenses along with vulnerabilities, directly from the final firmware for a compliant SBOM. A global technology leader committed to delivering innovation for Enterprise, Cloud, AI, and 5G Telco/Edge IT Infrastructure, Supermicro provides a broad range of application-optimized server solutions serving a variety of markets, including cloud […]
The podcast dedicated to everything product security, where we interview thought leaders, engineers, and policymakers
A deep dive into automotive software security and compliance risks and trends.
Takeaways from a deep analysis of hundreds of software components in today’s vehicles.
Everything product security managers need to know about SBOMs.
Meet new regulatory requirements, improve security, and optimize production speed.
Learn how automation and deep visibility into the device make-up allow you to control security risks from the component level up to the entire device, at scale, taking your vulnerability management program to the next level.
Learn how automotive OEMs and suppliers can ensure cybersecurity challenges like supply chain shortages and the upcoming WP.29 regulations don’t put innovation and accelerated development at risk.
We asked security experts from hundreds of medical device manufacturers about their main challenges and how they plan to address them in 2022.
Learn how to create identical digital replicas of products and devices — cyber digital twins — even when they contain closed code components.
Learn how to stay on top of cybersecurity and regulatory challenges by automating your CSMS processes.
Get the insights you need about what others in the MDM industry are doing to stay ahead of emerging threats and regulations.
Our CEO Slava Bronfman talked with Steven Bowcut about the current and future cybersecurity threats in the automotive industry, and ways to mitigate them. Tune in to learn how the automotive industry is catching up to security risks.
Only 6% are fully ready for the upcoming UNECE WP.29 R155 regulation. That’s one of the key findings in our recent survey of OEMs and Tier-1s conducted with the ASRG. The survey sheds light on the current state of vulnerability management practices, covering issues such as: Time and effort for risk assessment Vulnerability management use […]
Strategy Analytics interviewed multiple executives at automotive OEM and Tier 1 suppliers to get a sense of the organizational measures that have been taken to confront the growing cybersecurity threat. Key finding include: OEMs face a supply chain cybersecurity challenge unmatched by any other industry Tier-1s claim that OEMs are not ready for WP.29 R155 […]
A knowledge hub that serves as a home for educational resources on medical cybersecurity regulations, standards and best-practices, intended to help medical device manufacturers and their suppliers navigate the troubled waters of compliance.
What are Cyber Digital Twins and how they can be used for cybersecurity analysis? As medical devices become hyper-connected and software driven, there’s a growing risk that cyber vulnerabilities introduced through accidental errors, lack of secure-coding practices, or insecure open source software, may be exploited by malicious entities. This is where Cyber Digital Twins […]
This eGuide, based on Cybellum’s extensive work with leading Medical Device manufacturers and their suppliers, outlines the building blocks of an effective vulnerability management program, that keeps your customers secure while complying with all current cybersecurity regulations. Download the free eGuide to learn how to: Assemble a vulnerability management team with the right job functions […]
In this joint webinar with PTC, we discuss how and why medical device manufacturers should integrate cyber risk management with product planning and production. You will learn how to: Define software security considerations early in the product life cycle Proactively test and fix security or safety threats in pre- and post-production stages Set up the […]
This report provides an in-depth snapshot of the current state of automotive software security. The report is based on extensive analysis of automotive ECU software by the Cybellum Research Lab. Key findings include: Automotive vulnerabilities are not “regular” vulnerabilities Aging software poses operational risk Automotive software is not immune to supply chain vulnerabilities Memory corruption […]
Find out why Frost & Sullivan believes Cybellum is favorably positioned to win trust among automakers and its solutions are “more reliable and process‐efficient than competitors”. After rigorous research, analysis and evaluation of multiple nominees, Frost & Sullivan concluded that Cybellum excels in the vehicle security and risk assessment space, in criteria such as: Addressing […]
What are Cyber Digital Twins and how they can be used for cybersecurity analysis? As IoT devices become hyper-connected and software driven, there’s a growing risk that cyber vulnerabilities introduced through accidental errors, lack of secure-coding practices, or insecure open source software, may be exploited by malicious entities. This is where Cyber Digital Twins […]
Mapping WP.29 CSMS Requirements to the ISO/SAE 21434 Standard Learn how the Cyber Security Management System (CSMS) requirements set in the UNECE WP.29 GRVA regulation map to the process requirements of the ISO/SAE 21434 standard.
Our CEO Slava Bronfman discusses the layers involved in securing a vehicle software, and how to stay one step ahead of hackers.
Integrating the cybersecurity processes into your product planning and production, to comply with WP.29 and ISO 21434. A joint session by Cybellum and PTC.
What techniques and tools could be used for an effective vulnerability management analysis of automotive firmware? 45-min webinar with VP Product Development, Eyal Traitel
How can OEMs and Tier-1s overcome their complex and practically-invisible software supply chain via Cyber Digital Twins™ technology. 20-min webinar by Michael Engstler, CTO of Cybellum
In this webinar we demonstrate how a better understanding of the context in which vehicle software components operate accelerates vulnerability management, helping product security teams focus on the risks that matter the most.
As automotive manufacturers continue their pursuit of the software-defined vehicle, they must recognize that cybersecurity approaches, processes, and tooling must evolve. Read what IDC Analyst Matt Arcaro, Research Manager, Digital Automotive and Transportation Strategies has to say about that as he discusses: Opportunities to enhance vehicle cybersecurity visibility and performance. Applying the concept of Digital […]
A knowledge hub that serves as a home for educational resources on cybersecurity regulations, standards and best-practices, intended to help OEMs and their suppliers navigate the troubled waters of compliance.
For many organizations, having a vulnerability management program comes down to searching for hacker chatter on the dark web and keeping an eye on published CVEs. Yet, in today’s world this is not enough. With threats on the rise, you need a fully scaled vulnerability management operation. This eGuide, based on Cybellum’s extensive work with […]
Learn How to Prepare for the WP.29 Automotive Cybersecurity Regulation – From Home In this 20-minute on-demand webinar, we discuss the current state of automotive cybersecurity and explain how stakeholders can prepare for UNECE WP.29. Presented by Eyal Traitel, VP Strategic Alliances at Cybellum.
A review of the latest ENISA (the European Union Agency for Cybersecurity) report on the importance of cybersecurity for connected cars. Download to get the ENISA guidelines, insights on the challenges the industry is facing today around automotive cybersecurity, and how recent standards suggest handling. This review includes a reference to each category in the […]