Onekey resources

Access the latest Whitepaper, Datasheets, research, and security advisories on cybersecurity and compliance—all in one place.

Featured resources

ONEKEY Webinar: CRA Harmonized Standards - Role, Structure and Practical Application for EU Market Access
Events
Mar 11, 2026
2
 min read

ONEKEY Webinar: CRA Harmonized Standards - Role, Structure and Practical Application for EU Market Access

Get clarity on CRA harmonized standards & learn how to prepare your organization for their practical application – Register now!

Tanja Sommer
Tanja Sommer
Read More
How OPEX Achieved CRA Readiness Through ONEKEY’s Structured Expert Assessment
Success Stories
Mar 4, 2026
5
 min read

How OPEX Achieved CRA Readiness Through ONEKEY’s Structured Expert Assessment

Discover how OPEX secured CRA readiness with ONEKEY’s expert assessment. Gain clarity and compliance confidence!

Read More
ONEKEY Webinar: What Makes a Good SBOM? Ensuring High-Quality, Actionable Software Bill of Materials
Events
Mar 2, 2026
2
 min read

ONEKEY Webinar: What Makes a Good SBOM? Ensuring High-Quality, Actionable Software Bill of Materials

Learn how to ensure High-Quality, Actionable Software Bill of Materials - Register now!

Tanja Sommer
Tanja Sommer
Read More
What Is a Software Bill of Materials (SBOM)? Meaning, Example & Use Cases
Blog
Oct 1, 2025
6
 min read

What Is a Software Bill of Materials (SBOM)? Meaning, Example & Use Cases

Discover the meaning of a Software Bill of Materials (SBOM), see real examples, and learn how SBOMs strengthen software security and compliance today.

Tanja Sommer
Tanja Sommer
Read More
Security Vulnerability: Definition, Examples & Threats
Blog
Sep 1, 2025
6
 min read

Security Vulnerability: Definition, Examples & Threats

Find out what a security vulnerability is, see common examples of vulnerabilities in security, and learn how to manage risks effectively. Read more!

Tanja Sommer
Tanja Sommer
Read More
Meet ONEKEY at embedded world 2026 – Nuremberg
Events
Jan 22, 2026
3
 min read

Meet ONEKEY at embedded world 2026 – Nuremberg

Discover the next level of product cybersecurity & compliance for embedded systems on site in Nuremberg. Book you meeting now!

Tanja Sommer
Tanja Sommer
Read More
Meet ONEKEY at the IoT Tech Expo 2026 - London
Events
Jan 16, 2026
3
 min read

Meet ONEKEY at the IoT Tech Expo 2026 - London

Meet ONEKEY at IoT Tech Expo 2026 in London to experience automated product cybersecurity and compliance for IoT, OT, and IIoT devices. Secure your systems – at scale.

Tanja Sommer
Tanja Sommer
Read More
ONEKEY Webinar Integrating CRA Risk Management into Automated SecDevOps Workflows
Events
Nov 14, 2025
2
 min read

ONEKEY Webinar Integrating CRA Risk Management into Automated SecDevOps Workflows

Join the ONEKEY webinar to learn how to integrate CRA risk management into automated SecDevOps workflows. Discover best practices for compliance, automation, threat modeling, and continuous security. Register now!

Tanja Sommer
Tanja Sommer
Read More
How We Taught Our Platform to Understand RTOS Firmware
Research
Sep 22, 2025
15
 min read

How We Taught Our Platform to Understand RTOS Firmware

Discover how ONEKEY’s platform breaks open real-time operating system (RTOS) firmware. Learn how automated architecture detection, load address recovery, and component identification bring transparency and security to embedded devices in automotive, medical, and industrial sectors.

Quentin Kaiser
Quentin Kaiser
Lead Security Researcher
Read More
ONEKEY Webinar From Detection to Decision
Events
Sep 17, 2025
3
 min read

ONEKEY Webinar From Detection to Decision

From Detection to Decision | Improve vulnerability management with ONEKEY. Gain insights, enforce policies & prove compliance. Register for the webinar here.

Read More
ONEKEY Webinar From CRA to RED
Events
Sep 15, 2025
3
 min read

ONEKEY Webinar From CRA to RED

From RED to CRA | Master new EU cybersecurity requirements with ONEKEY. Understand CRA, ensure compliance & leverage SBOMs. Register for the webinar now.

Read More
IoT & OT Cybersecurity Report 2025
Whitepapers
Sep 3, 2025
15
 min read

IoT & OT Cybersecurity Report 2025

Discover key insights from ONEKEY’s 2025 IoT & OT Cybersecurity Report: CRA compliance gaps, SBOM challenges, and urgent steps for secure digital products.

Read More
No market approval without cybersecurity: How companies can successfully implement the CRA
Blog
Aug 20, 2025
3
 min read

No market approval without cybersecurity: How companies can successfully implement the CRA

The EU Cyber Resilience Act (CRA) makes cybersecurity a must for CE marking. Learn how companies can achieve compliance, ensure security, and secure market access.

Tanja Sommer
Tanja Sommer
Read More
Static Source Code Analysis vs. Binary Scanning
Blog
Aug 20, 2025
4
 min read

Static Source Code Analysis vs. Binary Scanning

Compare static source code analysis and binary scanning. Learn how ONEKEY gives you full visibility, detects real risks, and generates SBOMs – even without source code.

Sebastian Schneider
Sebastian Schneider
Customer Success Engineer
Read More
ONEKEY Webinar Secure Private Keys in Public Firmware
Events
Aug 20, 2025
2
 min read

ONEKEY Webinar Secure Private Keys in Public Firmware

Secure your connected products. Join our expert-led webinar to learn how to detect, manage, and prevent private key leaks in firmware. Ideal for PSIRTs and product security teams.

Read More
ONEKEY @ All About Automation 2025
Events
Jun 5, 2025
2
 min read

ONEKEY @ All About Automation 2025

Meet ONEKEY at All About Automation Düsseldorf 2025 (Sept 17–18 at Areal Böhler) to explore smart, secure, and compliant industrial automation. Discover how ONEKEY helps secure IoT & OT devices with automated SBOMs, firmware analysis, and IEC 81001-5-1 compliance.

Read More
ONEKEY Online Seminar Complying with the EU Cyber Resilience Act
Events
Jun 4, 2025
2
 min read

ONEKEY Online Seminar Complying with the EU Cyber Resilience Act

Get ready for the EU Cyber Resilience Act (CRA). Join our expert-led seminar to understand CRA compliance, SBOMs, secure software supply chains, and automated self-assessments. Ideal for product security professionals.

Read More
ONEKEY Online Seminar RTOS Analysis
Events
Jun 4, 2025
2
 min read

ONEKEY Online Seminar RTOS Analysis

Join the exclusive ONEKEY online seminar to discover powerful RTOS firmware analysis techniques for securing embedded systems, automating compliance, and minimizing vulnerabilities. Register now!

Read More
ONEKEY Platform Update May 2025
Blog
May 23, 2025
7
 min read

ONEKEY Platform Update May 2025

Explore ONEKEY’s latest platform enhancements, including advanced RTOS firmware analysis, ELF dependency visualization and many more

Tanja Sommer
Tanja Sommer
Read More
Security Advisory: Remote Code Execution on Diviotec IP Camera (CVE-2025-5113)
Research
Jun 3, 2025
10
 min read

Security Advisory: Remote Code Execution on Diviotec IP Camera (CVE-2025-5113)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Diviotec IP Cameras. Learn about the risks and recommended actions.

Quentin Kaiser
Quentin Kaiser
Lead Security Researcher
Read More
Security Advisory: Remote Command Execution on Netcomm NTC 6200 and NWL 222
Research
Jun 2, 2025
10
 min read

Security Advisory: Remote Command Execution on Netcomm NTC 6200 and NWL 222

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Netcomm devices. Learn about the risks and recommended actions.

Quentin Kaiser
Quentin Kaiser
Lead Security Researcher
Read More
Security Advisory: Remote Command Execution on Smartbedded MeteoBridge (CVE-2025-4008)
Research
May 26, 2025
10
 min read

Security Advisory: Remote Command Execution on Smartbedded MeteoBridge (CVE-2025-4008)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Smartbedded MeteoBridge. Learn about the risks and recommended actions.

Quentin Kaiser
Quentin Kaiser
Lead Security Researcher
Read More
Shell CGI Static Code Analysis - Automatic Discovery of RCEs
Research
May 23, 2025
10
 min read

Shell CGI Static Code Analysis - Automatic Discovery of RCEs

Uncover ONEKEY's new shell CGI Static Code Analysis feature, designed to identify critical Remote Code Execution vulnerabilities. Click now to find out more.

Quentin Kaiser
Quentin Kaiser
Lead Security Researcher
Read More
ONEKEY @ 8th Annual European Medical Device and Diagnostic Cybersecurity Conference 2025 – Meet Us in Berlin!
Events
May 12, 2025
2
 min read

ONEKEY @ 8th Annual European Medical Device and Diagnostic Cybersecurity Conference 2025 – Meet Us in Berlin!

Visit ONEKEY at Booth 4 during the Medical Device and Diagnostic Cybersecurity Conference 2025, May 13–15 at Mercure Hotel MOA Berlin. Explore our solutions for firmware security, SBOM, and IEC 81001-5-1 compliance.

Read More
ONEKEY Online Seminar Automate Vulnerability Management and Impact Assessment in the SDLC
Events
May 8, 2025
2
 min read

ONEKEY Online Seminar Automate Vulnerability Management and Impact Assessment in the SDLC

Join our free 45-minute online seminar on May 15 to learn how to automate vulnerability management and impact assessment in the SDLC using ONEKEY. Live demo included.

Read More
ONEKEY @ STARTUP AUTOBAHN 2025 – Meet Us in Stuttgart!
Events
May 7, 2025
2
 min read

ONEKEY @ STARTUP AUTOBAHN 2025 – Meet Us in Stuttgart!

Meet ONEKEY & ETAS at EXPO2025 Stuttgart. Discover how we automate product cybersecurity & compliance across the lifecycle—smart, scalable, risk-based.

Read More
ONEKEY Online Seminar SBOM Management
Events
Apr 11, 2025
2
 min read

ONEKEY Online Seminar SBOM Management

Join the exclusive ONEKEY online seminar to learn effective SBOM strategies for securing your software supply chain, simplifying regulatory compliance, and reducing security risks. Register now!

Read More
ONEKEY @ Embedded World 2025 – Meet Us in Nuremberg!
Events
Feb 4, 2025
2
 min read

ONEKEY @ Embedded World 2025 – Meet Us in Nuremberg!

ONEKEY will be exhibiting at embedded world 2025 in Nuremberg with Booth 5-376, Hall 5. Attending as well? Let’s meet!

Read More
IoT & OT Cybersecurity Report 2024
Whitepapers
Jan 17, 2025
15
 min read

IoT & OT Cybersecurity Report 2024

ONEKEY's Cybersecurity Report 2024 shows: OT & IoT cyber attacks are rising dramatically – the industry is under pressure to act.

Read More
Critical Vulnerabilities in EV Charging Stations: Analysis of eCharge Controllers
Research
Nov 26, 2024
20
 min read

Critical Vulnerabilities in EV Charging Stations: Analysis of eCharge Controllers

Discover how severe security flaws, including unauthenticated remote command execution (CVE-2024-11665 & CVE-2024-11666), affect eCharge EV charging controllers. Learn about insecure firmware practices, cloud infrastructure issues, and actionable steps to mitigate risks in EV charging systems.

Quentin Kaiser
Quentin Kaiser
Lead Security Researcher
Read More
ESCAR Europe 2024: THE WORLD'S LEADING AUTOMOTIVE CYBER SECURITY CONFERENCE!
Events
Nov 1, 2024
3
 min read

ESCAR Europe 2024: THE WORLD'S LEADING AUTOMOTIVE CYBER SECURITY CONFERENCE!

ONEKEY at escar - The World's Leading Automotive Cyber Security Conference 2024 – Elevate Your Automotive Cybersecurity!

Read More
HOW SWISSCOM SAVES USD400,000 PER AVOIDED IOT SECURITY INCIDENT THROUGH AUTOMATED FIRMWARE ANALYSIS
Success Stories
Nov 6, 2024
5
 min read

HOW SWISSCOM SAVES USD400,000 PER AVOIDED IOT SECURITY INCIDENT THROUGH AUTOMATED FIRMWARE ANALYSIS

Pioneering IoT Firmware Security as Key to Quality of Service, Vendor Relations, and Brand Reputation!

Read More
Security Advisory: Unauthenticated Command Injection in Mitel IP Phones
Research
Nov 17, 2024
15
 min read

Security Advisory: Unauthenticated Command Injection in Mitel IP Phones

Discover critical vulnerabilities in Mitel SIP phones that allow unauthenticated command injection. Learn how outdated input parsing can expose your devices and why it's essential to scan firmware for security risks. Protect your network with our in-depth analysis and expert takeaways.

Denys Vozniuk
Denys Vozniuk
Security Consultant
Read More
What is a SBOM and why is it important for cybersecurity?
Blog
Jan 8, 2023
4
 min read

What is a SBOM and why is it important for cybersecurity?

Learn about the benefits of a SBOM for cybersecurity and how it can improve the security and quality of your products. Read the Latest Blog Post Now!"

Sara Fortmann
Sara Fortmann
Senior Marketing Manager
Read More
Reducing Common Vulnerabilities and Exposures (CVEs) in Software Development
Blog
Jan 15, 2023
8
 min read

Reducing Common Vulnerabilities and Exposures (CVEs) in Software Development

Stay informed & stay protected with our blog on the EU Cyber Resilience Act. Learn what the new regulation means for your business & how to stay compliant.

Sara Fortmann
Sara Fortmann
Senior Marketing Manager
Read More
Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X
Research
May 26, 2024
5
 min read

Security Advisory: Arbitrary Command Execution on TP-Link Archer C5400X

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in the TP-Link Archer C5400X router. Learn about the risks and recommended actions.

Read More
Security Advisory: Remote Code Execution in Ligowave Devices
Research
May 13, 2024
3
 min read

Security Advisory: Remote Code Execution in Ligowave Devices

Explore the security advisory detailing remote code execution vulnerabilities in Ligowave devices. Learn about the risks & recommended protections.

Read More
Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6199)
Research
Apr 25, 2025
5
 min read

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6199)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Viasat modems. Learn about the risks and recommended actions.

Quentin Kaiser
Quentin Kaiser
Lead Security Researcher
Read More
Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6198)
Research
Apr 25, 2025
5
 min read

Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6198)

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Viasat modems. Learn about the risks and recommended actions.

Quentin Kaiser
Quentin Kaiser
Lead Security Researcher
Read More
The X in XFTP Stands For eXecute
Research
Jul 8, 2024
6
 min read

The X in XFTP Stands For eXecute

Find out how our platform enhances firmware security by identifying vulnerabilities & bugs in ICT products, ensuring compliance with DORA & NIS2 directive.

Read More
ONEKEY 360° Comprehensive Product Cybersecurity & Compliance
Whitepapers
Sep 1, 2024
15
 min read

ONEKEY 360° Comprehensive Product Cybersecurity & Compliance

This whitepaper targets, Head of Product Cybersecurity, Product Owner, Compliance Professionals and Head of Devel- opment of manufacturers of connected devices.

Read More
TACKLING SOFTWARE SUPPLY CHAIN RISKS WITH IEC 62443 AND SBOM
Whitepapers
Nov 1, 2023
15
 min read

TACKLING SOFTWARE SUPPLY CHAIN RISKS WITH IEC 62443 AND SBOM

This whitepaper targets security teams of industrial automation and control systems (IACS) asset owners and product suppliers.

Read More
Previous
Next

All resources

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Security Advisory: NETGEAR Routers FunJSQ Vulnerabilities
Research
Sep 14, 2022
9
 min read

Security Advisory: NETGEAR Routers FunJSQ Vulnerabilities

Detailed vulnerability analysis identifies several problems in FunJSQ on NETGEAR Routers & Orbi WiFi Systems. Read latest Security Advisory here 👉

Read More
Experts recommend: Managing Risks in the Software Supply Chain of Industrial Equipment & Products
Blog
Sep 6, 2022
3
 min read

Experts recommend: Managing Risks in the Software Supply Chain of Industrial Equipment & Products

New expert whitepaper on managing risks in the software supply chain using IEC 62443 and automated software BOMs now available!

Read More
Advisory: Cisco Small Business RV Series Routers Web Filter Database Update Command Injection Vulnerability
Research
Aug 8, 2022
5
 min read

Advisory: Cisco Small Business RV Series Routers Web Filter Database Update Command Injection Vulnerability

The advisory describes a vulnerability ONEKEY identified when hunting for bugs to craft exploit chains for PWN2OWN 2021. Read advisory!

Read More
Advisory: FESTO: CECC-X-M1 - Command Injection Vulnerabilities
Research
Jul 6, 2022
5
 min read

Advisory: FESTO: CECC-X-M1 - Command Injection Vulnerabilities

To evaluate and strengthen the automated vulnerability detection capabilities of ONEKEY, we frequently download and analyze firmware images from a variety of vendors. This is how we stumbled upon the CECC-X-M1 product line, an industrial controller manufactured by FESTO.

Read More
Whitepaper: Sourcing Secure IoT Devices
Blog
Mar 15, 2022
1
 min read

Whitepaper: Sourcing Secure IoT Devices

Find out what to consider when purchasing new IoT products to avoid compromising the security of your IT infrastructure.

Read More
Advisory: Western Digital My Cloud Pro Series PR4100 RCE
Research
Feb 14, 2022
7
 min read

Advisory: Western Digital My Cloud Pro Series PR4100 RCE

The IoT Inspector Research Lab uncovered a command injection vulnerability on Western Digital My Cloud Pro Series PR4100.

Read More
Top 6 IoT security myths – busted
Blog
Feb 7, 2022
4
 min read

Top 6 IoT security myths – busted

You think that IoT security is too expensive? Or that your company is not at risk? We debunk the most common misconceptions about IoT security!

Read More
How-To: Extracting Decryption Keys for D-Link
Research
Nov 24, 2021
8
 min read

How-To: Extracting Decryption Keys for D-Link

Find out how the IoT Inspector Research Lab extracted an encryption key for a subset of D-Link routers - in particular the D-Link DIR-X1560.

Read More
Pwn2Own: IoT Inspector Research Lab uncovers vulnerabilities in Cisco router
Blog
Nov 10, 2021
1
 min read

Pwn2Own: IoT Inspector Research Lab uncovers vulnerabilities in Cisco router

The IoT Inspector Research Lab successfully identified three previously unknown vulnerabilities in the Cisco RV340 router at Pwn2Own 2021.

Read More
Oops!
No result found
Please try a different category.

Ready to automate your Product Cybersecurity & Compliance?

Make cybersecurity and compliance efficient and effective with ONEKEY.

See it in Action