In this demo, we show how RunSafe Protect defends VxWorks-based embedded systems from URGENT/11 memory safety exploits. You’ll see a vulnerable system challenged by a simulated attack and then observe how RunSafe’s protections—like memory randomization and moving target defense—disrupt the exploit and prevent attackers from taking control.

This demo highlights how RunSafe strengthens embedded software, mitigates known and future vulnerabilities, and ensures critical systems remain secure without altering functionality or slowing development.

The post How RunSafe Protects VxWorks Systems from URGENT/11 Exploits appeared first on RunSafe Security.

RunSafe Security is dedicated to protecting the world’s most critical software across defense, infrastructure, automotive, and medical systems. In this video, you’ll see how our platform delivers a secure-by-design approach that stops vulnerabilities before they can be exploited. From identifying hidden risks and generating Software Bills of Materials (SBOMs) to hardening software at build-time and runtime, RunSafe ensures that critical systems remain resilient, reliable, and secure. By integrating our Identify, Protect, and Monitor capabilities, we give organizations the tools to proactively defend against attacks across the entire software supply chain.

Our mission is clear: neutralize the vulnerabilities attackers rely on, enabling safe and uninterrupted operations across industries where security and reliability are non-negotiable. RunSafe’s platform not only automates embedded security but also provides real-time visibility into software health, helping teams maintain strong security posture without slowing innovation. Trusted by organizations around the globe, RunSafe proves that comprehensive cybersecurity can be both powerful and seamless—making every system, every product, and every mission more resilient.

The post RunSafe Security in 2 Minutes: Protecting Critical Software appeared first on RunSafe Security.

Zero-day vulnerabilities are the hidden threat lurking in every software stack. In this THREATCON1 session, Doug Britton explains how organizations can use binary analysis to quantify potential zero-day risk and stop memory safety exploits.

Through the lens of Return-Oriented Programming (ROP) and memory safety, Doug shows how modern attackers chain small fragments of legitimate code to escalate privileges or execute remote commands and how binary-level randomization stops them cold.

Highlights:

• Understand how ROP chains enable zero-day exploits
• Learn how to measure the “attack surface” of compiled binaries
• See why memory safety bugs drive zero-day risk in embedded software
• Learn how fine-grained memory function randomization neutralizes exploitability

Watch the full session to learn more.

Interested in seeing your zero-day exposure? RunSafe offers a Risk Reduction Analysis based on the topic of this talk. Analyze your binary here.

Watch all THREATCON1 content here: https://www.threatcon1.org/registration

The post Using Binary Analysis to Quantify Potential Zero-Day Risk with Doug Britton appeared first on RunSafe Security.

In this RunSafe Security Minute, Shane Fry, RunSafe’s CTO, answers a critical question for embedded systems security: what does “100% coverage” for VxWorks actually mean, and why should teams care? 

Historically, defenses focused on user-space code and application DKMs, but for many VxWorks systems the majority of the exploitable attack surface lives in the kernel. RunSafe pushed protections earlier in the boot and extended randomization so it covers both kernel and application code. The result: RunSafe’s protections eliminate essentially all usable ROP (return-oriented programming) gadgets an attacker would rely on. 

Even if an attacker can write over memory or drop code on the stack, they can’t predict where code lives, so memory-corruption techniques fail. This approach makes VxWorks systems far more resilient to real-world exploitation with minimal developer disruption.

The post What does 100% coverage for VxWorks mean, and why is it important for embedded systems security? appeared first on RunSafe Security.

Software Bills of Materials (SBOMs) are essential for visibility into your software supply chain—but many miss a critical piece: proprietary component details. Licensing terms, authorship, and supplier information often sit outside the codebase, making them difficult to capture.

In this RunSafe Security Minute, Kelli Schwalm, Director of SBOM at RunSafe Security, highlights why these details matter for compliance, provenance, and consumer trust. She also connects these insights to RunSafe’s August product update, which expanded the flexibility of our SBOM configuration file. Now, teams can define proprietary components once, automatically enrich every SBOM with license and supplier data, and reuse the config file across builds—making SBOM generation accurate, repeatable, and efficient.

The post Why is it critical to enrich SBOMs with proprietary component details like licensing and supplier info? appeared first on RunSafe Security.

Software Bills of Materials (SBOMs) are now a critical requirement for software security and regulatory compliance. But for C and C++—especially in embedded systems—hidden dependencies, legacy code, and opaque build artifacts can leave dangerous blind spots.

In just 60 seconds, discover how RunSafe Security eliminates these challenges. Our platform captures complete, exportable SBOMs for C/C++ without requiring a package manager. Integrated directly into your CI/CD pipeline, our solution delivers accurate dependency mapping, vulnerability insights, and the clarity you need to secure your software supply chain.

The post SBOMs for Embedded Systems: Solving the C/C++ Visibility Problem appeared first on RunSafe Security.

In an era where software defines vehicle safety, the rise in automotive vulnerabilities is alarming. With over 530 CVEs affecting automotive systems in 2024, OEMs and suppliers must rethink how they build and protect software.

This video introduces the RunSafe Security Platform, built to secure automotive software from the start of development through deployment and beyond.

What you’ll learn:

• Why automotive software is increasingly targeted

• How RunSafe helps you Identify vulnerabilities with real-time SBOM generation and risk quantification

• How memory safety protections like memory relocation defend against exploits

• How to monitor runtime behavior to catch crashes and attack signals

• Which systems benefit: ECUs, ADAS, infotainment, and more

Stop the exploit before it happens. Start with a Risk Reduction Analysis. 

The post Secure Automotive Software from Source to Runtime appeared first on RunSafe Security.

In this RunSafe Security Minute, John Michael, Senior Software Engineer at RunSafe Security, outlines how RunSafe Protect delivers fine-grained memory attack mitigation on QNX and VxWorks 7—without modifying application source code or introducing significant runtime overhead.

By leveraging Load-time Function Randomization (LFR), RunSafe Protect defeats memory corruption techniques that rely on predicting function locations in memory. Unlike Address Space Layout Randomization (ASLR), LFR works at a more granular level, reducing risk from information leaks. The setup process is simple—just a one-line change to your makefile or a quick install script—and supports a wide range of legacy and custom build systems.

RunSafe’s wrapper utility handles metadata generation at build time, minimizing startup impact and preserving application performance. Once randomization is complete, your code runs just as before—but now with added protection from modern memory-based exploits.

The post How does RunSafe Protect enable memory attack mitigation on QNX and VxWorks 7 without requiring source code changes or performance trade-offs? appeared first on RunSafe Security.

RunSafe Security is expanding its memory safety protections to support QNX, VxWorks 6.9, and VxWorks 7—two of the most widely used real-time operating systems (RTOS) in embedded systems today. In this RunSafe Security Minute video, Senior Software Engineer Christopher explains why this update is essential for securing critical infrastructure.

These RTOS platforms are often deployed in high-stakes environments like spacecraft, airplanes, power plants, vehicles, and medical devices. As such, they are prime targets for attackers. Adding to the challenge, these systems frequently go unpatched for long periods—or forever—due to their long lifespans and operational constraints.

Compounding the issue, many legacy platforms can’t support modern security tools like Rust or ASLR. RunSafe’s memory safety protections help close these gaps by shielding vulnerable embedded systems from exploits, even when traditional patching or security solutions aren’t viable.

The post Why is support for QNX and VxWorks 7 in RunSafe Protect such a critical addition for memory safety in embedded systems? appeared first on RunSafe Security.

The post What was causing instability in C++ SBOM generation on Windows, and how has RunSafe resolved it in the latest update? appeared first on RunSafe Security.

The post What does RunSafe Security do? appeared first on RunSafe Security.

As critical infrastructure evolves, so do the threats targeting it. One of the biggest shifts in recent years is the convergence of IT (Information Technology) and OT (Operational Technology) systems. While this integration improves visibility and remote management, it also expands the attack surface in significant ways.

In this short video, RunSafe Security CTO explains:

• Why OT systems were never designed for network connectivity

• How post-COVID remote work accelerated OT exposure

• What risks arise when legacy devices meet modern IT networks

• Practical steps to reduce risk on both sides of the IT/OT line

Whether you’re managing industrial control systems, water treatment facilities, or power grids, this is a must-watch for security leaders navigating the blurred lines of IT and OT.

The post Why IT/OT Convergence Increases Cyber Risk in Critical Infrastructure appeared first on RunSafe Security.

The post Why Proactive Security Is Critical to Infrastructure Resilience appeared first on RunSafe Security.

The post How RunSafe Builds Security Into Its Software: Embracing Secure by Design for OT Systems appeared first on RunSafe Security.

The post Mitigating Zero-Day Risks in Critical Infrastructure with RunSafe appeared first on RunSafe Security.

The post How RunSafe Solves the Critical Memory Safety Problem in Infrastructure Security appeared first on RunSafe Security.

The post Future Trends in Aviation Cybersecurity appeared first on RunSafe Security.

The post RunSafe’s Long-Term Vision for Securing Critical Infrastructure appeared first on RunSafe Security.

The post The Biggest Misconception People Have About Securing Embedded Systems appeared first on RunSafe Security.

The post RunSafe’s Risk Reduction Analysis: Minimizing Zero-Day Risks appeared first on RunSafe Security.