The European IoT/OT security specialist ONEKEY enables the software-supported, automated analysis of unknown zero-day vulnerabilities in industrial products and controls for the first time.
This category represents one of the greatest risks for everything that uses software: "Zero-day attacks use security gaps that may have existed undetected for a long time and were not recognized by the manufacturer of the devices and systems. Therefore there is no patch for the vulnerability and global attacks on affected devices can be devastating," says Jan Wendenburg, CEO of ONEKEY.
Thriving trade with vulnerabilities
These vulnerabilities are even traded among hackers, and a zero-day vulnerability in iOS, Windows or Android can easily achieve seven-digit prices. What is already dangerous for PCs can have threatening effects on networked and intelligent systems and infrastructures in industry, including bankruptcy. Today, finding unknown software vulnerabilities is an extremely time-consuming task - many manufacturers even voluntarily pay large sums of money to hackers in order to be able to plug the security gap before immense damage occurs.
Find undetected zero-day vulnerabilities
Previous automated solutions, on the other hand, look for patterns and files that have already been identified as potentially dangerous. “The supreme discipline of software security is to automatically find completely unknown vulnerabilities. This makes software much more secure and better protected against attacks worldwide. In addition, there is a reduction in development times in the long term, since weak points can be identified and eliminated at an early stage. The result: Improved security and savings in the cost structure," explains Jan Wendenburg from ONEKEY.
The company's new technology platform leverages an entirely new automated detection capability that has already uncovered several critical zero-day vulnerabilities. All vulnerabilities found would have led to remote code execution in IoT devices. All that was required was an upload of the firmware image to the ONEKEY analysis platform. Based on ONEKEY's Responsible Disclosure Policy towards manufacturers who do not yet work directly with ONEKEY, confidential information is initially provided. After the industry-standard period of 90 days, the results of the vulnerability analysis are made available to the public in detailed security notices.
Automatic analysis and evaluation
ONEKEY's analysis platform automatically extracts the firmware, the attack surface is automatically mapped and entry points for attackers are automatically identified. Dangerous features that can be exploited by attackers are evaluated and reviewed, and only the really relevant ones are highlighted. In addition to the classification of the actual threat, users also receive information on how to fix the vulnerability and information on affected areas in the firmware application.
“This new functionality – automatically finding zero-day vulnerabilities – marks the beginning of a new era in IoT/OT security. That's why we're also registered as a CNA - CVE Numbering Authority - and are working with CISA to better coordinate responsible disclosure with vendors and increase the security level of connected devices. Security in the Internet of Things is our mission!” emphasizes Jan Wendenburg, CEO of the security specialist ONEKEY.
More at ONEKEY.com
About ONEKEY ONEKEY (formerly IoT Inspector) is the leading European platform for automatic security & compliance analyzes for devices in industry (IIoT), production (OT) and the Internet of Things (IoT). Using automatically created "Digital Twins" and "Software Bill of Materials (SBOM)" of the devices, ONEKEY independently analyzes firmware for critical security gaps and compliance violations, without any source code, device or network access.