In this short webinar, IOT device engineers and developers will see how they can immunize their devices against the root-cause of more than 50% of post-deployment updates. Using the customer example of a feature-rich, yocto-based server management solution from Vertiv™, attendees will see how to get these benefits in 3-steps, without any software changes. Attendees will leave with a 30-day trial license to use RunSafe’s tools in their own environments and demo in the RunSafe self-service portal.
Vertiv™ Avocent® Core Insight is built on top of the openBMC yocto project, designed to securely add powerful, lights-out management features to servers and other infrastructure. Avocent® Core Insight chief architect, Joerg Weedermann will walk through the product architecture and software stack. Joerg will then show how that entire stack became protected against a class of security exploitation risk by the simple addition of RunSafe’s Alkemist.
Because the images running on each yocto-built embedded system are identical, a single vulnerability can expose thousands of systems and attackers can easily scale their attacks. Alkemist can mitigate this concern by using a patented technique called Loadtime Function Randomization (LFR). Alkemist performs randomization at runtime instead of buildtime, preserving “Binary Reproducibility,” one of the yocto project’s core features, while dramatically increasing security against memory-based attacks.
RunSafe’s recent blog on security in yocto can be found here: https://runsafesecurity.com/blog/5-minute-memory-threat-immunization-for-yocto-build-environments/