• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Microcontroller Tips

Microcontroller engineering resources, new microcontroller products and electronics engineering news

  • Products
    • 8-bit
    • 16-bit
    • 32-bit
    • 64-bit
  • Applications
    • 5G
    • Automotive
    • Connectivity
    • Consumer Electronics
    • EV Engineering
    • Industrial
    • IoT
    • Medical
    • Security
    • Telecommunications
    • Wearables
    • Wireless
  • Learn
    • eBooks / Tech Tips
    • EE Training Days
    • FAQs
    • Learning Center
    • Tech Toolboxes
    • Webinars/Digital Events
  • Resources
    • Design Guide Library
    • DesignFast
    • LEAP Awards
    • Podcasts
    • White Papers
  • Videos
    • EE Videos & Interviews
    • Teardown Videos
  • EE Forums
    • EDABoard.com
    • Electro-Tech-Online.com
  • Engineering Training Days
  • Advertise
  • Subscribe

Online platform helps IoT vendors assess/manage/mitigate vulnerability reports

October 19, 2020 By Redding Traiger Leave a Comment

An online platform designed to help IoT vendors receive, assess, manage, and mitigate vulnerability reports has been launched by the IoT Security Foundation (IoTSF). VulnerableThings.com aims to simplify the reporting and management of vulnerabilities whilst helping IoT vendors comply with new consumer IoT security standards and regulations.

As the first globally applicable standard for consumer IoT cybersecurity, the new ETSI EN 303 645 specification requires IoT vendors – which could include device manufacturers or importers/distributors – to publish a clear and transparent vulnerability disclosure policy; establish an internal vulnerability management procedure; make contact information for vulnerability reporting publicly available, and continually monitor for and identify security vulnerabilities within their products.

Governments around the world including in the UK, Australia, Singapore, Finland, and the American states of California and Oregon have already published codes of practice, product labeling schemes or prepared legislation aligned to the standard. Implementing a means to accept vulnerability reports is a common feature of these initiatives. Without mechanisms to report, manage, and resolve vulnerabilities – such as Co-ordinated Vulnerability Disclosure (CVD) – the security of consumer IoT products diminishes over time, and the risk of attack or abuse increases.

VulnerableThings.com aims to provide an off-the-shelf, user-friendly vulnerability management tool and other valuable member resources including policy templates, issue resolution guidelines, and a directory of specialist advisors to help IoT manufacturers prepare for emerging regulations and to maintain compliance. CVD must become an essential part of the culture of successful IoT vendors and needs to be understood and supported by a business’s board of directors, compliance officer, product managers, product development managers, product security, supply chain managers, and public relations teams.

Manufacturers that subscribe to VulnerableThings will have access to a dashboard that will guide them through the vulnerability resolution process and facilitate communication with the reporter. Where vulnerability is reported in a product from a vendor that hasn’t registered with the service, an alert will be sent to a public email address of the manufacturer who will then have the opportunity to securely access the details of the vulnerability report by coming to VulnerableThings. Access to VulnerableThings.com is available free until 31 January 2021. Subscribing to the service also provides access to professional support for co-ordinated disclosure announcements.

While vulnerabilities can be reported by any individual anonymously, by registering with VulnerableThings.com, security researchers are provided with a dashboard that allows them to monitor the progress towards resolving vulnerabilities they have reported to different manufacturers. Promoting dialogue between vendors and security researchers will contribute to the success of the IoT ecosystem.

You may also like:


  • Safety and cybersecurity for the connected car
  • network slicing
    Cybersecurity testing in 5G automotive designs
  • MCU embedded Bluetooth Module with VitaNet Suite
    Bluetooth modules now run IoT security middleware
  • silicon labs
    Selecting the right Bluetooth Low Energy SoC

Filed Under: Applications, IoT, Security, Software, Tools Tagged With: IoT security

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Featured Contributions

Five challenges for developing next-generation ADAS and autonomous vehicles

Securing IoT devices against quantum computing risks

RISC-V implementation strategies for certification of safety-critical systems

What’s new with Matter: how Matter 1.4 is reshaping interoperability and energy management

Edge AI: Revolutionizing real-time data processing and automation

More Featured Contributions

EE TECH TOOLBOX

“ee
Tech Toolbox: 5G Technology
This Tech Toolbox covers the basics of 5G technology plus a story about how engineers designed and built a prototype DSL router mostly from old cellphone parts. Download this first 5G/wired/wireless communications Tech Toolbox to learn more!

EE Learning Center

EE Learning Center

EE ENGINEERING TRAINING DAYS

engineering
“bills
“microcontroller
EXPAND YOUR KNOWLEDGE AND STAY CONNECTED
Get the latest info on technologies, tools and strategies for EE professionals.

DesignFast

Design Fast Logo
Component Selection Made Simple.

Try it Today
design fast globle

Footer

Microcontroller Tips

EE World Online Network

  • 5G Technology World
  • EE World Online
  • Engineers Garage
  • Analog IC Tips
  • Battery Power Tips
  • Connector Tips
  • DesignFast
  • EDA Board Forums
  • Electro Tech Online Forums
  • EV Engineering
  • Power Electronic Tips
  • Sensor Tips
  • Test and Measurement Tips

Microcontroller Tips

  • Subscribe to our newsletter
  • Advertise with us
  • Contact us
  • About us

Copyright © 2025 · WTWH Media LLC and its licensors. All rights reserved.
The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media.

Privacy Policy