The approaches to security are varied and complex — and dynamic, due to the ever-changing threat landscape and increasing regulatory requirements.
Wind River® Professional Services has a deep understanding of the threat landscape that your device will encounter. Our global team of experts will help you build a comprehensive cybersecurity plan for your product.
Wind River Studio Security Services
We create a security framework for you based on the industry-standard CIA triad of confidentiality, integrity, and availability. Meeting these fundamental principles increases the security profile of the device, lowers the risk of threat incidents, and better protects against cyberattacks.
We provide a detailed written assessment of how to secure your embedded system. Every aspect of your design is included in the assessment, from hardware selection through the operating systems and all components of your final application, including any software you purchase or build.
Security Response Team
Our best-in-class incident response process protects devices before and after deployment. Our team actively monitors the Common Vulnerabilities and Exposures (CVE) database, proactively notifies you of potential vulnerabilities impacting Wind River products, and offers resolution measures before the community is aware of the vulnerability.
FIPS 140-3 Certification
Wind River will port the latest version of the OpenSSL FIPS Object Module to your platform and take your configuration through a Level 1 or Level 2 FIPS 140-3 certification, working closely with OpenSSL NVLAP to ensure success.
Wind River security experts help your own team implement security policies and respond to threats. Our Embedded Security Essentials training course covers a wide range of software security topics and can be augmented with additional security mentoring as needed.
Our offers include security assessments, threat modeling, and OS hardening.
CVE monitoring and mitigation
We provide active monitoring for new software CVEs that may impact the development environment or the software in fielded devices. This service can be customized to your specific needs and areas of risk.
Wind River Studio Linux Services
We provide automated security scanning, compliance analysis, and remediation, tuned for complex embedded systems.
Learn More »
See the latest security alerts, CVEs, and other security information.
Search our database of CVEs and find information about their impact on Wind River products and remediation.
Read a detailed examination of security implementations that support the objectives of the CIA triad.
Security must cover every endpoint device, throughout the entire lifecycle.