Vilocify¶
Vilocify alerts you about vulnerabilities affecting software and hardware utilized in your products and infrastructure. Our unique monitoring approach ensures that you receive the relevant information based on your individual selection of third-party components. We achieve this by monitoring thousands of security sources using advanced technologies like natural language processing (NLP) in combination with in-depth analysis by acknowledged cybersecurity experts. Whenever relevant information is detected, it is analyzed and evaluated by our dedicated team. The processed information is then made available through the Vilocify Portal, the REST-API, and email notifications.
Monitoring Infrastructure¶
The Vilocify service monitors and aggregates vulnerability information from thousands of different sources, like (but not limited to):
- official vendor advisory pages
- vulnerability databases
- national CERTs
- security researcher exchange platforms
- source code repositories
Our monitoring infrastructure fetches information from many source formats and types, no matter if the information is made available within a web page, API, RSS feed, mailing list, etc.
Expert Analysis¶
The information generated by the monitored sources is then evaluated by a team of security experts. The information is assessed, filtered, enriched, and normalized. This allows us to create standardized security notifications, containing (amongst others) a description, a severity rating, and a recommended action.
Delivery Channels¶
Vulnerability information is then made available via our Portal or our REST-API.
Contact¶
Users of the Vilocify Service can send queries about content of Vilocify security notifications, technical problems or organizational issues to the Vilocify Team via email: svm.ct@siemens.com. Support is available in English and German. If you want to communicate encrypted via S/MIME, please download the certificate for svm.ct@siemens.com via our certBox.