April 17, 2021

Vulnerability Management Embedded Software

Are there any research papers that go over methodology and best practices for staying current on embedded software? More information in comments as I think the post keeps getting removed due to some sort of filter.

Comments

AlwaysBetOnTheHouse

Penitentially an ignorant question – what is the best way to keep track of closed sourced software and embedded software?

For example let’s say an application (print software for this example) has a specific middleware as a dependency embedded within it – let’s use an embedded weblogic application server for this example.

A vulnerability scanner may be able detect that a printer service on a specific port has that embedded software on a version that is vulnerable (weblogic). However is that fixed at the middleware layer – I.e., installing and upgrading a weblogic binary at once or within a fix pack within the printer software itself? If the latter it seems particular hard to keep track of and stay current with embedded software and dependencies. Is there any research papers that go over best practices and methodology to approach this, keep track of software dependencies and stay current

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.