ESCRYPT Vulnerability management in software-defined vehicles

Tablet displaying ESCRYPT vulnerability management projects for a car, alongside a laptop showing a car rendering.

Our ESCRYPT Vulnerability management identifies hundreds of potential findings in software-defined vehicles that must be contextualized, reviewed, and prioritized before addressing vulnerabilities. Our solution efficiently automates the identification of key vulnerabilities relevant to your project context, allowing you to allocate resources efficiently and focus on the most critical issues.

Your benefits

Automated analysis

Automated analysis of firmware by unpacking binaries, identifying components, and generating a BOM.

Automated detection

Automated detection of vulnerabilities by scanning BOM components against public vulnerabilities databases.

Focus and prioritization

Reduces total vulnerabilities by performing threat and risk analysis with ESCRYPT CycurRISK.

Streamlined vulnerability scanning and proactive security insights

The graphic depicts the workflow of ESCRYPT Vulnerability management, highlighting the different tasks and information streams between software products and solutions. — The Onekey BOM creation and vulnerability scanning software, together with ESCRYPT CycurRISK, provides a combined solution for managing software components, vulnerabilities, assets, threats and risks.

Customized support based on your needs

Vulnerability management as a service (VMaaS)

ETAS delivers a comfort service: our consulting security experts analyze your firmware binaries and scan your BOM for vulnerabilities. We provide you with regular reports detailing the identified vulnerabilities measured via CVSS score.

Numbers zero and two with two people discussing

Vulnerability management software as a service (SaaS)

You have access while ETAS manages the software infrastructure to provide a cost-efficient solution.

Numbers zero and three with a woman sitting with a laptop on a chair

Vulnerability management software as a product (SaaP)

You manage and have access to the software: ETAS as value-added reseller offers an innovation software for an on-premise solution.

A female engineer utilizes ESCRYPT CycurRISK from ETAS, a cutting-edge software solution, to analyze vehicle cybersecurity risks.

From automated vulnerability detection to a dynamic TARA process

ESCRYPT CycurRISK supports the creation and maintenance of threat analyses and risk assessments (TARAs). It allows you to capture valuable context information about the analyzed functionality or component, enabling an assessment of the impact of potential attacks on assets in a given context. By prioritizing critical vulnerabilities, the integration of ESCRYPT CycurRISK with ONEKEY makes managing a large number of identified vulnerabilities much more efficient.

Learn more about CycurRISK

ETAS meets ONEKEY: vulnerability management for software-defined vehicles

Laptop monitor with onekey dashboard view

ETAS and product security specialist ONEKEY offer a joint solution for effective risk-based vulnerability management in software-defined vehicles. The ONEKEY software automates the real-time analysis and creation of software bill of material (BOM) from firmware binary files. At ETAS, we combine our expertise in automotive cybersecurity and our product, ESCRYPT CycurRISK, to focus on and prioritize the critical vulnerabilities that truly matter in your context.

Automated software component analysis provides visibility into your software supply chain.
Automatic detection of vulnerabilities using interfaces to vulnerability databases like NVD, mapping the CVEs to CVSS.

Compliance wizard ensures alignment with key regulations like UN R155 and ISO/SAE 21434.

ESCRYPT CycurRISK meets ONEKEY