|[January 21, 2019]
VDOO Releases Runtime Protection Agent for Connected Devices, Completing its End-to-End IoT Security Solution
the leader in embedded device security, has announced the availability
of its ERA™ - Embedded Runtime Agent for ongoing connected device
security. The VDOO agent is automatically tailored for each device based
on an analysis of its firmware binary by Vision™ - VDOO's analysis
platform, focusing on the device's threat landscape and resources, while
avoiding any significant performance or functionality impact to the
"While the VDOO analysis solution, Vision, provides the ultimate tools
to properly implement security building blocks and mitigate threats on
connected devices, attack methods always evolve and one must have
evolving countermeasures that can deal with the unknown. For that we
offer ERA, the first and only runtime security solution for IoT that
takes in account each devices' specific attributes and threat
landscape," said Netanel Davidi, co-founder and co-CEO at VDOO.
Based on VDOO's analysis of more than 4,000 IoT device firmware
binaries, 98% of firmware files contain at least one vulnerability that
scored higher than 7.0 (High) on the Common Vulnerability Scoring System
(CVSSv3) scale. This level of vulnerability is typically reserved for
items with actionable exploits which can be executed with minor or no
authentication, either locally or remotely. In addition, in the past
year, IoT makers have been able to quickly address and mitigate more
than 120 zero-day vulnerabilities using VDOO's Vision™ analysis platform.
VDOO's Embedded Runtime Agent (ERA™)
The VDOO ERA™ was created with the specific challenges of IoT devices in
mind and as such:
Is the first on-device software that is automatically tailored for
each specific device
Operates with minimal CPU, storage and memory overheads
Provides a range of protetion types against known and unknown
Enables the user to choose between a detect or block operation mode
In addition to on-device runtime protection, the VDOO ERA™ is able to
communicate with other network elements for enhanced network security.
VDOO works with leading security vendors to enable communication with
network-based security solutions such as Network Access Control (NAC),
Firewalls, Security Information and Event Management (SIEM) software,
and IoT gateways.
VDOO's End-to-End Solution
VDOO's end-to-end platform facilitates security and trust for IoT
devices throughout the entire device lifecycle in a cost and effort
efficient manner -- from security analysis to implementation,
certification and post-deployment security enablement.
The VDOO Vision™ Analysis Platform is a web-based service that performs
automated analysis of a device's firmware and determines its security
gaps and requirements. Following the device's analysis, the VDOO
platform offers detailed guidance for vendors to efficiently and
properly implement the identified requirements. Once security features
have been implemented, the platform validates this, and provides a
physical and digital certification to communicate the device's security
standing to the world.
Completing the end-to-end solution are the VDOO Embedded Runtime Agent
(ERA™) and Honeypot (Quicksand™). The agent, released today, provides
post-deployment detection, prevention, and mitigation capabilities
against zero-days, known attack methods, and embedded devices' malware.
VDOO's IoT honeypot works on a physical device or via emulation,
providing intelligence to prepare mitigations, predict future attacks,
and reveal new vulnerabilities.
Each component of the VDOO solution is available now.
here to access the VDOO Press Kit.
The VDOO Certified Security Engineer (VCSE) Program
To complement its product offerings, VDOO has launched the VDOO
Certified Security Engineer (VCSE) program to share its knowledge and
research across the IoT industry.
The VCSE program is a formal, hands-on training that provides extensive
insight into how to integrate security into the development of IoT
devices. By actively taking part in sessions on threats, security
implementation and testing methodologies, including hands-on lab
experience, attendees will gain the fundamental security knowledge
necessary to develop secure IoT devices.
For more information on the VCSE program click
VDOO was established in 2017 to pioneer the space of embedded systems,
with an end-to-end solution of security automation, certification, and
protection. The VDOO founders' backgrounds include an endpoint
cybersecurity startup acquired by Palo Alto (News - Alert) Networks, as well as notable
experience serving in the Israeli Intelligence Elite Unit. For
additional information, visit www.vdoo.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20190121005251/en/
[ Cloud Security's Homepage ]