Business Wire

Quectel IoT Modules Get High Security Scores From Cybersecurity Expert Finite State; Pioneering Cybersecurity Transparency Program Begins

Share

Quectel Wireless Solutions, a global IoT solutions provider, announced today that extensive testing by Finite State, a major cybersecurity consultancy, shows that Quectel’s products substantially exceed industry standards and best practices in multiple security measures.

Quectel engaged Finite State, a third-party expert security firm focused on managing software supply chain risk for the enterprise, to rigorously test Quectel’s IoT modules to demonstrate Quectel’s commitment to transparent, verifiable product security.

The first progress report released to Quectel concludes that its modules’ security score, as reflected in Finite State's risk profiling, started strong when testing began earlier this year and got stronger rapidly as Quectel implemented Finite State’s recommendations. The score improved across the modules tested from an average of 62 to 24 with the highest possible score being 10. The report underlines that this is a significant improvement in Quectel’s security posture with both the initial and current scores far exceeding the industry average score of 98.

"Quectel has embraced security and transparency holistically, in a way that we rarely see from other organizations. Their commitment to make SBOMs and VEX reports available to their customers will make the IoT industry more secure and transparent," said Matt Wyckhouse, CEO of Finite State. "They have built upon their existing security testing processes by integrating even deeper testing into their first- and third-party code, and they've responded to findings in their development process faster than others in their industry, resulting in risk metrics that place them in the top 10% of all connected products we've analyzed," Matt Wyckhouse continued.

Finite State focused its initial penetration testing and analysis on the most critical Quectel cellular modules sold in the U.S. The platforms verified by Finite State represent approximately 70 percent of all North American IoT modules shipped within the last 18 months.

“Quectel plans to continue this third-party penetration testing and security verification for all of its most critical modules and to make it an ongoing and life-cycle process. We also encourage and assist our device original equipment manufacturers (OEMs) customers to do their own third-party testing,” said Norbert Muhrer, president and CSO of Quectel. “These results will guide Quectel as we continue to enhance our cybersecurity implementation on our products. We encourage our competitors to follow us on their own in such approach to make the IoT industry the safe and trusted place our customers expect it to be.”

In addition to penetration testing of its key modules, Quectel announced the release of Software Bill of Materials (SBOM) and Vulnerability Exploitability Exchange (VEX) documents for its IoT modules. As an industry-first among IoT module manufacturers, these resources will be made available through the Quectel website. The SBOM and VEX documents will assist customers in this crucial task by providing machine-readable, comprehensive data. The SBOM documents will detail the software components and dependencies within each IoT module, along with licensing and provenance information. The VEX files will provide updated data on the vulnerabilities identified and their status.

Providing SBOM and VEX documents has a cascading effect on the entire IoT ecosystem. As a Module provider, Quectel is integral to the architecture of numerous IoT devices. The transparency and commitment to security will benefit all IoT products built on Quectel’s platforms.

“Our commitment to being both secure and transparent sets us apart,” Muhrer said. “By making this information readily accessible, we aim to empower our customers to make better-informed decisions about security risk assessment and patching prioritization and provide full transparency around our security posture. We are offering a full tool-box of security related measures and consulting to our customers to implement secure devices. Quectel is also collaborating with standards-setting bodies to help develop and then commit to achieving a stringent set of security requirements, including attainment of several key industry and government security certifications,” Mr. Muhrer added.

Separately, Quectel reiterated that its modules maintain the highest standards of data protection and security. “Quectel customers own and control all of the data collected by its modules. Quectel has no access to any of the device data,” said Peter Fowler, senior vice president, North America, Quectel. “Quectel is committed to delivering high-quality, best-in-class, secure IoT modules and go above and beyond industry standard practices by conducting independent third-party cyber security audits.”

Quectel retained Finite State in May 2023 to audit and penetration-test the security of its modules. Its ongoing work includes rigorous security testing, improved software supply chain visibility, and comprehensive software risk management.

About Quectel

Quectel’s passion for a smarter world drives us to accelerate IoT innovation. A highly customer-centric organization, we are a global IoT solutions provider backed by outstanding support and services. Our growing global team of 5,900 professionals sets the pace for innovation in cellular, GNSS, Wi-Fi and Bluetooth modules as well as antennas and services.

With regional offices and support across the globe, our international leadership is devoted to advancing IoT and helping build a smarter world.

For more information, please visit: www.quectel.com, LinkedIn, Facebook, and X.

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

Contact information

Media: media@quectel.com

About Business Wire

Business Wire
Business Wire
24 Martin Lane
EC4R 0DR London

+44 20 7626 1982http://www.businesswire.co.uk

(c) 2018 Business Wire, Inc., All rights reserved.

Business Wire, a Berkshire Hathaway company, is the global leader in multiplatform press release distribution.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

H.I.G. Capital Announces the Sale of DGS S.p.A.11.6.2024 12:00:00 CEST | Press release

H.I.G. Capital (“H.I.G.”), a leading global alternative investment firm with $62 billion of capital under management, is pleased to announce that an affiliate has signed a definitive agreement to sell its portfolio company, DGS S.p.A. (“DGS” or the “Group”), a leading firm in the Italian Information Technology market, to DGS Co-Founders and management team in partnership with ICG, a global alternative asset manager. Since its inception in 1997, DGShas supported blue-chip customers in the design, integration, and maintenance of complex IT systems, with a specialization in digital transformation and cybersecurity services. The Group currently has over 1,900 employees, revenues of approximately €300 million, and maintains a group of highly loyal clientele. During H.I.G.’s ownership, DGS has tripled in size and consolidated its position as a leading Italian firm in cybersecurity services and digital transformation. DGS offers its clients sophisticated and proprietary digital transformation

Evertas Names Nick Selby Head of European Underwriting11.6.2024 12:00:00 CEST | Press release

Evertas, the world’s first crypto insurance company, has named Nick Selby as its new Head of European Underwriting. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240611141887/en/ Nick Selby, Executive Vice President and Head of European Underwriting at Evertas (Photo: Business Wire) Selby, an accomplished information and physical security professional, brings two decades of expertise in public and private sector information security, physical security, and complex incident handling, as well as seven years of experience leading teams securing billions of dollars in cryptoassets. Previously, his roles included VP of the Software Assurance Practice at Trail of Bits, Chief Security Officer at Paxos Trust Company, and Director of Cyber Intelligence and Investigations at the NYPD Intelligence Bureau. “Nick is an extremely valuable addition to our European team,” said Evertas CEO and Co-Founder J. Gdanski. “His public and private

Owlet utvider globalt fotavtrykk med lanseringen av medisinsk-sertifisert Dream Sock™ i Storbritannia og over hele Europa11.6.2024 11:00:00 CEST | Pressemelding

Owlet, Inc. («Owlet» or the «Company») (NYSE:OWLT), pioneren innen smart spedbarnsovervåking, kunngjør i dag den britiske og europeiske lanseringen av Dream Sock. Dette er en smart babymonitor med levende helseavlesninger og varsler for friske spedbarn mellom 0-18 måneder og 2,5-13,6 kg. Dette innovative medisinske utstyret gir foreldre helse og viktig informasjon i sanntid, noe som gir uovertruffen trygghet. Denne pressemeldingen inneholder multimedia. Se hele pressemeldingen her: https://www.businesswire.com/news/home/20240611820341/no/ (Photo: Business Wire) «Vi er svært stolte over å lansere Dream Sock til omsorgspersoner over hele Storbritannia og Europa og gi millioner av foreldre mer trygghet mens babyen sover,» sa Kurt Workman, Owlets administrerende direktør og medgründer. «Dream Sock er nå et globalt produkt som er anerkjent som medisinsk nøyaktig og trygt, etter å ha gjennomgått regulatoriske autorisasjoner og sertifiseringer innenfor flere geografier. I dag er misjonen vår

V-Nova Surpasses 1000 Patent Milestone in Media Technology Innovation11.6.2024 10:00:00 CEST | Press release

V-Nova, a leading provider of data compression solutions, video compression technology, XR technology, AI acceleration and parallel processing for a multitude of industries including media and entertainment, today announced its milestone achievement of 1000 active technology patents. This accomplishment underscores V-Nova’s dedication to research and development and its commitment to protecting its intellectual property globally. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240611724561/en/ V-Nova’s patent portfolio spans more than 50 different jurisdictions. Including over 400 patents in Europe, over 200 in the Americas, over 100 in the United States specifically, and over 200 in Asia. V-Nova forged new directions in data processing to enhance digital experiences, maximize efficiency, reduce costs, and increase sustainability. The company leads the way with key international data compression standards for the video indust

Alipay+ Reveals Top Scorer Trophy Design for UEFA EURO 2024™11.6.2024 09:24:00 CEST | Press release

Alipay+, a suite of cross-border mobile payment and digitalization technology solutions operated by Ant International and an Official Partner of UEFA EURO 2024™, today revealed the trophy that will be awarded to the most prolific marksman at the UEFA EURO 2024™ finale on July 14 in Berlin, Germany. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240610328619/en/ The UEFA Top Scorer Trophy presented by Alipay+ is unveiled for UEFA EURO 2024™ (Photo: Business Wire) Sculpted in the shape of the Chinese character “支” (pronounced zhi, and meaning payment as well as support), the trophy reflects Alipay+’s dedication to supporting consumers to enjoy seamless payment and a broad choice of deals using their preferred payment methods while traveling abroad. The character also resembles the fleeting moment of a barefooted striker poised to shoot, evoking the original beauty and power of football – a game that united people across the wo

World GlobeA line styled icon from Orion Icon Library.HiddenA line styled icon from Orion Icon Library.Eye