Keysight Technologies, Inc. and Synopsys, Inc. are partnering to provide internet of things (IoT) device makers with a complete cyber security assessment solution to ensure consumers are protected when devices are shipped to market. Under the arrangement, Synopsys defensics fuzzing tool will be embedded as an option into Keysight IoT Security Assessment solution.
The global IoT device market is experiencing notable growth due to rise in adoption of IoT devices and is projected to reach a market value of $413.7 billion (€390.91 billion) by 2031. According to Palo Alto Networks IoT threat report, the vulnerability of IoT devices makes them easy targets with 57% of IoT devices at risk of medium or high-severity attacks. With proliferation of devices and of IoT cyber attacks, device makers are increasingly in need of assessment tools to identify and remediate device security vulnerabilities. One component of a productive, complete security assessment is fuzzing, an automated software testing method that injects invalid, malformed, or unexpected inputs into a device to reveal defects and vulnerabilities.
With addition of defensics to the Keysight IoT Security Assessment, users now have a complete solution that combines known vulnerability assessments with a versatile fuzzer that can analyse over 300 different technology protocols used across diverse industries to test for unknown vulnerabilities and weaknesses. In addition to reporting security flaws uncovered through fuzzing, the solution detects potential exploits resulting from weak authentication and encryption, expired certificates, Android vulnerabilities and android debug bridge (ADB) exposures, known common vulnerabilities and exposures (CVEs), and embedded flaws in protocol stacks, such as Bluetooth Low Energy attacks like Sweyntooth and Braktooth.
In addition, the Keysight IoT Security Assessment solution makes it simple and cost-effective for manufacturers to test IoT devices now and achieve the new white house cyber trust mark certification when it is released. This turnkey cyber security certification platform enables automated validation through a point-and-click interface, allowing device makers to bring new IoT products to market without hiring a large team of cybersecurity experts.
“With billions of IoT devices in use and more on the way, security testing is more critical than ever to address new threats and evolving regulations. Our collaboration with Keysight will provide a comprehensive solution for customers that combines hardware and Defensics fuzz testing software to conduct automated IoT security testing.” says Scott Johnson, vice president of product management, Synopsys Software Integrity Group.
“Securing IoT devices against attacks has become exponentially more difficult for manufacturers with the demand for new devices and increased functionality. By partnering with Synopsys to add their best-of-breed fuzzing tool, Keysight can provide device makers with a comprehensive security testing solution to identify previously unknown protocol stack vulnerabilities in their devices while assessing them for known threats, all from a single, easy-to-use interface.” Ram Periakaruppan, vice president and general manager, network test and security solutions, Keysight.
Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow