IoT Vulnerability Disclosure Platform Launched

VulnerableThings.com is intended to help vendors meet the terms of a host of new international IoT security laws and regulations.

Dark Reading Staff, Dark Reading

October 20, 2020

1 Min Read
Dark Reading logo in a gray background | Dark Reading

A new online platform for IoT vendors to use in receiving, assessing, managing, and mitigating vulnerabilities and reports has been launched by the IoT Security Foundation (IoTSF). The new platform, VulnerableThings.com, is intended to help vendors trying to comply with the terms of a series of new IoT regulations and standards now coming into effect.

California and Oregon, along with Australia, Finland, Singapore, and the UK, have published regulations, laws, or the intent to regulate IoT security in accordance with ETSI EN 303 645, a global standard for consumer IoT security. This standard requires vendors to take a number of steps, including developing clear vulnerability disclosure policies, and monitoring for and identifying vulnerabilities.

According the the announcement launching the platform, "Manufacturers that subscribe to VulnerableThings will have access to a dashboard that will guide them through the vulnerability resolution process and facilitate communication with the reporter."

While vendors ultimately will subscribe to the platform, access to VulnerableThings.com is free until January 31, 2021. 

For more, read here and here.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights