PRESS RELEASE

Full control over compliance with IoT security standards

[list of security standards updated July 2020]

New functionality automatically detects non-conformities with ENISA, ETSI and OWASP guidelines

Berlin / Vienna – March 2, 2020 – With the new Compliance Checker, the IoT Inspector has recently been expanded to include a valuable feature that now enables users of the analysis platform to examine IoT firmware for compliance with international security standards. Thus, providers can quickly check their products for manufacturer conformity and companies can easily determine whether their IoT devices violate industry compliance regulations. The IoT Inspector experts will give first insights into the new function at NetSec 2020, the partner event of Exclusive Networks, on March 3rd in Vienna.

Security remains the major vulnerability in the Internet of Things and vulnerabilities in IoT devices are the norm rather than the exception. In view of the approximately 27 billion networked devices that are already in use around the world today, there is a cyber-attack surface of unimaginable size. Organizations and authorities, including the European Telecommunications Standards Institute (ETSI), the European Union Agency for Cyber Security (ENISA) and the Open Web Application Security Project (OWASP) have made it their mission to counteract this by adopting IoT security guidelines – for example for critical infrastructures. The Compliance Checker supports companies, infrastructure providers, manufacturers and consultants in the implementation of these guidelines and automatically checks for deviations from the following IoT security standards:

  • BITAG – Broad Internet Technical Advisory Group
  • DIN – Deutsches Institut für Normung
  • ENISA Baseline Security Recommendations for IoT
  • ETSI TS 103 645
  • GOV.UK – Government of the United Kingdom: Department for Digital, Culture, Media and Sport
  • LEGINFO CA GOV – State of California Legislative Information
  • OWASP TOP 10 IoT 2018 

“Legislators are placing increasing pressure on IoT device manufacturers to comply with the most important IoT security standards. And that’s a good thing, because only in this way can we finally guarantee the comprehensive security that has been overdue in the Internet of Things for years,” says Rainer M. Richter, Director Channels & Alliances at SEC Technologies. “With the Compliance Checker, we have now created an opportunity to check firmware for conformity or non-conformity with the most essential security standards – in an automated manner and with little effort. Everyone involved – manufacturers, service providers and end users – benefit in their own way. ”

With the IoT Inspector, the leading European developer of cyber security solutions SEC Technologies has developed a scalable platform that makes it possible to automate security analysis of IoT firmware. The platform offers unique transparency about what is in a firmware image and quickly and comprehensively identifies critical vulnerabilities such as programmed passwords in the firmware file system, outdated third-party components, gaps in the system configuration or SSH host keys, without requiring a source code. The IoT Inspector covers a wide range of IoT devices – including IP cameras, printers, routers, etc.

Find out more