Keysight Technologies and Synopsys are partnering to provide internet of things (IoT) device makers with a comprehensive cybersecurity assessment solution to ensure consumers are protected when devices are shipped to market. Under the arrangement, the Synopsys Defensics fuzzing tool will be embedded as an option into the Keysight IoT Security Assessment solution.
The global IoT device market is experiencing notable growth due to the rise in adoption of IoT devices and is projected to reach a market value of US$413.7 billion by 2031. According to Palo Alto Networks IoT Threat Report, the vulnerability of IoT devices makes them easy targets, with 57% of IoT devices at risk of medium or high-severity attacks.
With the proliferation of devices and IoT cyberattacks, device makers increasingly need assessment tools to identify and remediate device security vulnerabilities. One effective, comprehensive security assessment component is fuzzing, an automated software testing method that injects invalid, malformed, or unexpected inputs into a device to reveal defects and vulnerabilities.
With the addition of Defensics to the Keysight IoT Security Assessment, users now have a complete, comprehensive solution that combines known vulnerability assessments with a versatile fuzzer that can analyze over 300 different technology protocols used across diverse industries to test for unknown vulnerabilities and weaknesses quickly.
In addition to reporting security flaws uncovered through fuzzing, the solution detects potential exploits resulting from weak authentication and encryption, expired certificates, Android vulnerabilities and Android Debug Bridge (ADB) exposures, known Common Vulnerabilities and Exposures (CVEs), and embedded flaws in protocol stacks, such as Bluetooth Low Energy attacks like Sweyntooth and Braktooth.
In addition, the Keysight IoT Security Assessment solution makes it easy and cost-effective for manufacturers to test IoT devices now and achieve the new White House Cyber Trust Mark certification when it is released. This turnkey cybersecurity certification platform enables automated validation through a point-and-click interface, allowing device makers to quickly bring new IoT products to market without hiring a large team of cybersecurity experts.
“With billions of IoT devices in use and more on the way, security testing is more critical than ever to address new threats and evolving regulations. Our collaboration with Keysight will provide a comprehensive solution for customers that combines hardware and Defensics fuzz testing software to conduct automated IoT security testing,” says Scott Johnson, vice president of product management at the Synopsys Software Integrity Group.
“Securing IoT devices against attacks has become exponentially more difficult for manufacturers with the demand for new devices and increased functionality. By partnering with Synopsys to add their best-of-breed fuzzing tool, Keysight can provide device makers with a comprehensive security testing solution to identify previously unknown protocol stack vulnerabilities in their devices while assessing them for known threats, all from a single, easy-to-use interface,” adds Ram Periakaruppan, vice president and general manager for network test and security solutions at Keysight.