SW Supply Chain Security performs automatic binary SBOM scanning for public and private vulnerabilities to comply with regulations and assure product security.
One of the biggest cyber security challenges of OEMs is limited or no visibility into the Software Bill of Materials (SBOM) of components that come from vast amounts of external resources and software vendors. Therefore, it’s hard to tell whether an external software component is secured, and demonstrate cyber security regulatory compliance to auditors.
For vehicles and components subject to cyber security regulation and standards such as UN R155 and ISO/SAE 21434
Get full visibility of the cyber security posture of all components from all vendors
Focus on high priority risk and vulnerabilities, reduce analyst overhead
Keep detecting newly published vulnerabilities for the life of the vehicle and its components
Can integrate with PlaxidityX DevSecOps holistic platform
Automatic SBOM extraction from binaries including AUTOSAR, Linux and Android
Manage ECUs, hardware components, and software libraries per project or vehicle model
Continuous scanning to identify vulnerabilities from public and private databases relevant to your assets
Stay informed with detailed alerts, automatically prioritize vulnerabilities, gain insight into risk exposure for each vulnerability
Security AutoDesigner leverages years of experience from dozens of automotive TARA projects, a comprehensive threats DB, and state-of-the-art AI technology to enable OEMs and Tier-1 suppliers to automatically create a detailed Threat Analysis & Risk Assessment report to secure vehicles and ECUs and comply with ISO 21434 and UNR 155.
Code Security Manager integrates static application security testing (SAST) and dynamic application security testing (DAST) into early development stages, offering developer centric CI/CD integration and source code support for robust pre-production security.
Security AutoTester utilizes PlaxidityX’s extensive knowledge and domain expertise in automotive cyber security based on hundreds of customer projects to enable enterprise level security testing such as fuzz and penetration testing to automotive software developers, both OEMs and suppliers