- Maintain strong product security throughout your product lifecycles Bring more secure products to market faster
- Make security a key product differentiator
- Works with ANY Yocto based BSP
- You can get started using Vigiles free today
Vigiles is a Software Composition Analysis (SCA) tool that helps generate and analyze a Software Bill of Materials (SBOM) for publicly known cybersecurity vulnerabilities, particularly CVEs. Vigiles is optimized for embedded systems, and it provides a complete vulnerability lifecycle management tool: discovery, prioritization, triaging, remediation, compliance and on-going monitoring/alerts.
Vigiles software uses advanced scanning and validation algorithms to identify vulnerabilities specific to your projects and software components. Vigiles software filters out the noise. The Vigiles software tracking algorithm produces very high accuracy combined with a very low false positive rate. The result is security management for your project that is streamlined and highly efficient.
Hundreds of vulnerabilities are published every week. The Common Vulnerability & Exposure (CVE) database lists thousands of vulnerabilities that may have a direct impact on the security of your products, both in development and in production.
Sifting through the flood of CVEs to pinpoint those affecting your products can be a heavily manual and time-consuming process. But not doing it risks having your products – and the customers using them – wide-open targets for attackers and breaches.
NXP takes great care to ensure that our BSP releases are up-to-date and vulnerability-free when released. As time goes on, new CVEs are reported and developers begin making modifications. Both of these contribute to greater exposure to security issues.
Identifying vulnerabilities is only the first step. What’s critical is how quickly and efficiently you are able to analyze them and take action.
Please contact Vigiles@nxp.com for more information.
Timesys is a leading provider of embedded, open source software, engineering services and security solutions across the “Embedded Software Spectrum” — from simple BSP subsystems to stand-alone devices, mobile apps and access solutions and IoT systems — for Linux, Android, RTOS and other open source...