Sie haben Fragen?
emCVE-Watch
Early identification of security gaps
emCVE-Watch provides a service to check the common software components in your product for security gaps.
How does emCVE-Watch work?
At the beginning, the (software) components and versions of the Linux file system to be monitored are defined. For example, libraries and tools such as systemd or bluez.
This list is reconciled daily with the newly disclosed security gaps from known CVE (Common Vulnerabilities and Exposures) databases.
Database examples:
- Debian Security
- NIST

What happens when a security gap is found?
In case of a hit, we check how critical this security gap is for your monitored product.
Depending on the severity of the security gap, a recommendation is issued as to whether and when an update needs to be rolled out to fill this gap.
What we require from you:
- A list of the software to be monitored, even directly from an Elbe project, for example
- Information about your product, so we can get a picture, evaluate your system better and make targeted recommendations for the security gaps
What you get from us:
- 24/7 monitoring of your software (RootFS or just parts of it) for security gaps
- Timely information on security gaps affecting your system
- Severity assessment of the security gaps related to your product
What is not included:
- Notification of security gaps before they are known in global databases