Vigiles is a Software Composition Analysis (SCA) tool that helps generate and analyze a Software Bill of Materials (SBOM) for publicly known cybersecurity vulnerabilities, particularly CVEs. Vigiles
is optimized for embedded systems, and it provides a complete vulnerability lifecycle management tool: discovery, prioritization, triaging, remediation, compliance and on-going monitoring/alerts.
Vigiles software uses advanced scanning and validation algorithms to identify vulnerabilities specific to your projects and software components. Vigiles software filters out the noise. The Vigiles
software tracking algorithm produces very high accuracy combined with a very low false positive rate. The result is security management for your project that is streamlined and highly efficient.
Hundreds of vulnerabilities are published every week. The Common Vulnerability & Exposure (CVE) database lists thousands of vulnerabilities that may have a direct impact on the security of your
products, both in development and in production.
Sifting through the flood of CVEs to pinpoint those affecting your products can be a heavily manual and time-consuming process. But not doing it risks having your products – and the customers using
them – wide-open targets for attackers and breaches.
NXP takes great care to ensure that our BSP releases are up-to-date and vulnerability-free when released. As time goes on, new CVEs are reported and developers begin making modifications. Both of
these contribute to greater exposure to security issues.
Identifying vulnerabilities is only the first step. What’s critical is how quickly and efficiently you are able to analyze them and take action.
Please contact Vigiles@nxp.com for more information.
