top of page

Get Grip on Product Security with SUM 

SUM is a vulnerability management platform for connected devices and systems. Built upon the principles of a strong vulnerability management process, SUM supports device manufacturer to identify, triage, address and report vulnerabilities.


Strengthen product security with the SUM platform throughout the IoT life cycle, covering development to maintenance: with an average life span of over 10 years, consistent vulnerability monitoring is paramount. The proactive approach allowed by SUM not only meets regulatory standards but also guarantees robust device security, safeguarding against cybersecurity threats.

SUM is the perfect fit for:

Key Features


SBOM management

Get accurate insight in all components present in your product, both third party and proprietary components. SUM is unique by monitoring both software and hardware components. Download your SBOM and HBOM in machine-readable and industry accepted formats such as CycloneDX and SPDX



Satisfy requirements from standards and regulations in your industry
(MDR (EU) 2017/745, ISO/SAE 21434, FDA Omnibus, IEC 62443, ETSI 303 645, UL2900, …

Image by Jean-Philippe Delberghe


Vulnerability Management

Manage identified vulnerabilities using a robust vulnerability management process. SUM shows all the identified vulnerabilities, but also gives remediation and mitigation options. Assign a status to each vulnerability and keep track of all open and closed vulnerabilities. Assign a policy to each project, view vulnerability deadline and close vulnerabilities in time.


Visibility & Control

The aim is not to reach zero vulnerabilities. The aim is to gain visibility into the vulnerabilities and have them under control. Manage risk according to your specific use case and the products intended environment.

Flexible, Efficient, Human-Centred Design


Cloud and on-site deployment

SUM’s modular architecture allows for both cloud-based and on-site deployment.


No source code required

We don’t need access to your source code. We believe in building extremely accurate Device Models (SBOM&HBOM) and minising false-positives using: SW building artefacts, interface information, defining hardware blocks, and a video call with our security expert.


Dedicated support 

Every project gets assigned a Project Manager and Security Expert. For doubts and questions you can always reach us.

How SUM works:


Device Model Creation

The first step is to identify all components in your device. This includes both software (SBOM) and hardware (HBOM) components. 

We call this complete set of components the 'Device Model'. We don't need access to your source code.


First Report

Receive login details to the cloud platform for you and your colleagues. During a video call we show you all platform features, as well as your initial vulnerability results.



Check both your Device Model and Vulnerability results on the cloud platform. You can also export the information, to share within or outside your organisation. 

The filter and sort options help you to identify priorities.



Succeeding reports

When you update, remove or add a component in your device, the Device Model should be adjusted accordingly. This can be automated by integrating our APIs in the CI/CD pipeline. 


Continuous support

We are here to support you.

Book a Demo

Want to see the full SUM platform in action? Contact us to schedule a one-hour demo and discussion of your specific use case. 


Just a question? Don’t hesitate to reach out, and we will get back to you shortly.

bottom of page