Vdoo, a leader in product security for embedded software, today announced its integration partnership with the Yocto Project (YP), an open-source collaboration project which enables developers to create custom Linux-based systems for an expanding array of uses, including embedded, IoT, connected edge, servers, and virtual environments. YP ecosystem members and participants include Intel, ARM, Wind River, Xilinx, Facebook, Comcast, Cisco, Microsoft, Texas Instruments, Dell, LG Electronics, and more.
Vdoo provides the Yocto Project vulnerability analysis for Poky builds produced by the community. The comprehensive analysis increases the depth and breadth of security coverage through the unique identification and qualification of known and unknown security weaknesses. As an automated process, Vdoo's analysis can be incorporated at any stage in the release cycle, expanding the capabilities and reach of the security domain expertise active in the project.
“We’re delighted to offer our security platform to the Yocto Project,” said Asaf Karas, Co-Founder and CTO of Vdoo. “Vdoo’s automated security analysis will help the Yocto Project community to accurately assess, prioritize and mitigate known or unknown issues at every stage of the development process.”
Many real-world device images built using Yocto Project are actually very similar, meaning a single vulnerability in the base image can expose thousands of systems, and attackers can more easily scale their attacks.
Vdoo delivers the industry’s leading automated product security platform for device manufacturers and deployers. Vdoo’s platform performs a complete security assessment in minutes, providing a comprehensive report identifying zero-day vulnerabilities, CVEs, configuration and hardening issues, standard non-compliance, and other security exposures with suggested prioritization and remediation mechanisms.
Vdoo’s automated approach to securing connected products has helped Fortune 500 manufacturers and service providers to scale up their product security capabilities across multiple lines of business, enabling them to significantly shorten their time-to-market, reduce resource requirements, increase sales, and lower overall risk profiles.
Founded by a team of serial entrepreneurs with deep expertise in endpoint and embedded system security, Vdoo is a global company with offices in the U.S., Germany, Israel and Japan. For more information, visit www.vdoo.com
About Yocto Project
The Yocto Project is an open-source collaboration project hosted by the Linux Foundation that helps developers create custom Linux-based systems for embedded products, regardless of the hardware architecture. To learn more about the project or how to join, please contact email@example.com.
For additional information about the project, please visit here.