Sectigo (formerly Comodo CA), the world’s largest commercial SSL Certificate Authority (CA) and a leader in web security solutions, has acquired Icon Labs. They are provider of cross-platform security solutions for embedded OEMs and Internet of Things (IoT) device manufacturers.
It is a big move with a large trend – as Certificate Authority started to provide PKI-based IoT security solutions to manufacturers. And to be honest, this was a much-needed reaction in order to put lights on IoT devices which are suffering from lack of security.
In a rapid process to connect every device to the internet – security took a back seat. And now it turns out that all those unsecured household and industrial devices are a perfect addition to botnets and can be harnessed to do evil.
For year IoT security wasn’t given much importance. In 2019 things have changed, so keep reading this article as we discuss what exactly it is that PKI is securing with regard to the IoT and why Sectigo’s acquisition of Icon Labs foretell well for the future.
Sectigo becomes the first CA offering End-to End loT Security Solutions by acquiring Icon Labs. This platform smoothly makes devices non penetrable with embedded tools, also make their devices with embedded tools and a multi-stage secure boot. Certificate Authorities have started providing PKI based loT security solutions to the manufacturers, in order to connect with all devices to the internet and security has been ignored.
According to Bill Holtz, CEO, Sectigo, “Icon Labs has been growing and addressing this challenge by securing the device market for more than two decades. For the first time, embedded security technology is combined with device authentication and identity management to provide customers with a complete IoT security platform. This solves many of the challenges presented by the rising number of threats.”
Provides embedded software APIs that ensure software integrity from the initial “power on” to application execution. It also enable developers to securely code sign boot loaders, microkernels, operating systems, application code, and data. Upon system startup, Sectigo verifies the integrity of code and data before execution and before permitting installation or updates. It also stores a secure audit log for system boot processing and other services.
This works with Real Time Operating Systems (RTOS) and Linux to configure filtering rules and offers deep packet inspection for industrial protocols, including CAN bus.
Offers certificate storage integration in Trusted Platform Module (TPM) compliant secure elements.
Ensures security components have not been modified, offers authentication from the OEM, and issues alerts if firmware validation fails.
Expands Sectigo cloud-based CA to also enable an on-premise CA, providing role-based user management, high-performance issuance on site, and remote device audits. This allows signed device manifests to be added during manufacturing, then remotely validated.
“By joining Sectigo, Icon Labs is contributing to a powerful advancement in connected device security. We are securing IoT devices and the convergence of traditional IT systems and Operational Technology (OT); that is, the hardware and software that detects or causes changes in physical processes through direct monitoring and/or control of physical devices,” said Alan Grau, Founder of Icon Labs.
“Icon Labs adds an important set of products and core competencies to the Sectigo technology suite. Sectigo will continue to provide existing Icon Labs customers with the full set of offerings they’re accustomed to. Additionally, we are proud to make the acquired technology products available to the full set of Sectigo enterprise customers for their device security needs,” writes Sectigo Senior Fellow, Tim Callan.
Sectigo’s IoT Security platform is now capable of securing just about every attack vector facing IoT devices, from attacks that occur while the device is booting, to attacks that may occur while the device is connected to a network, to attacks that occur during the update cycle.
Know more about Sectigo Acquires Icon Labs here.
Image Courtesy: Sectigo.