Sternum enables IoT device manufacturers – for the first time – to have visibility into their entire device fleet in real time, leading to key insights and analysis beyond security threats
Sternum, the IoT cybersecurity company providing embedded protection and real-time visibility for connected devices, announced today the launch of its Advanced Detection System (ADS), an agentless data analytics solution that can be seamlessly embedded onto a wide array of IoT devices. With its analysis of data gleaned from closed source binaries from within a device, ADS is the first and only product capable of providing manufacturers with a resource-light method for detecting vulnerabilities and exploitations that pose a threat, all while enhancing data analytic capabilities to enable better performing devices.
40 billion IoT devices are predicted to be in use by 2025, yet until now, manufacturers have had to rely on agent-based solutions, which are resource-heavy. Sternum breaks from this traditional and cumbersome approach by offering an agentless monitoring solution that can be easily injected into a device’s code. The solution can effectively detect all suspicious events and attempts to breach a device, as well as further garner proprietary insights about a device’s internal operations, software functions, and third party code, long a blind spot for device manufacturers across the board.
Because ADS operates from within a device’s code, the solution can detect not only software bugs, but also flaws and vulnerabilities that affect device security and that are excessively common in unmanaged Bluetooth-capable devices.
ADS’s value was most recently proven following its successful detection of BLESA (Bluetooth Low Energy Spoofing Attack)-type exploitation attempt. BLESA, a logical vulnerability arising from authentication issues in the device reconnection process and currently affecting billions of IoT devices, is one of many logical vulnerabilities that ADS can detect in real-time using its algorithmic cybersecurity engine.
ADS is scalable, the only solution on the market that can sit on IoT devices running RTOS, and the only post-market solution for legacy devices. It is applicable to a wide range of IoT devices – low-end, high-end, Linux-based, and more – with no configurations or changes to existing code required.
“Until now, OEMs have been largely unable to monitor and gain intimate and real-time visibility into their distributed IoT devices, leaving manufacturers with too many blind spots and unable to respond to pending threats,” said Natali Tshuva, Sternum’s CEO and co-founder. “Manufacturers understand that device analysis is only as good as the data they are able to obtain, which is why we are launching a first-of-its-kind solution that unlocks access to hidden data points and creates new insights. Comprehensive visibility from within embedded IoT devices ensures that OEMs are immediately alerted to exploitation attempts, security flaws, and much more. ADS enhances their offering to their clients and enterprises by streamlining these real-time alerts into the enterprises systems.”
The ADS platform joins Sternum’s Embedded Integrity Verification (EIV) solution. When utilized together, both ADS and EIV work symbiotically, the former continuously collecting and monitoring cyber and operational events, while the latter proactively prevents attack attempts in real-time.