informa
/
Quick Hits

IoT Vulnerability Disclosure Platform Launched

VulnerableThings.com is intended to help vendors meet the terms of a host of new international IoT security laws and regulations.

A new online platform for IoT vendors to use in receiving, assessing, managing, and mitigating vulnerabilities and reports has been launched by the IoT Security Foundation (IoTSF). The new platform, VulnerableThings.com, is intended to help vendors trying to comply with the terms of a series of new IoT regulations and standards now coming into effect.

Related Content:

WannaCry Has IoT in Its Crosshairs

2020 State of Cybersecurity Operations and Incident Response

New on The Edge: Expert Tips to Keep WordPress Safe

California and Oregon, along with Australia, Finland, Singapore, and the UK, have published regulations, laws, or the intent to regulate IoT security in accordance with ETSI EN 303 645, a global standard for consumer IoT security. This standard requires vendors to take a number of steps, including developing clear vulnerability disclosure policies, and monitoring for and identifying vulnerabilities.

According the the announcement launching the platform, "Manufacturers that subscribe to VulnerableThings will have access to a dashboard that will guide them through the vulnerability resolution process and facilitate communication with the reporter."

While vendors ultimately will subscribe to the platform, access to VulnerableThings.com is free until January 31, 2021. 

For more, read here and here.

Recommended Reading: