Security Advisor Tool

Security is critical in today's embedded / IoT Devices. Unfortunately securing a system typically requires quite some experience and knowledge. Security expertise and resources typically come with a premium price tag.

The Security Advisor Tool is able to run a security audit on Torizon Systems. While these audits are not meant to replace a security professional, it allows you to quickly gain a rough idea of their system’s security posture. The information provided by the Security Advisor Tool will allow one to make educated changes to the system to make it more secure or mitigate possible issues.

Security is a priority for Torizon. While TorizonCore itself may not ship completely secure, with the use of Lynis - an independent auditing tool - we create more transparency in what we ship and how it can be secured further.

Through the concept of layered security, it is less likely that your system becomes compromised even if one of the layers is attacked. Our end goal is to analyze and suggest changes to security at various levels:

Device

OS (TorizonCore)

Application Container

Connectivity / (Inter)Network

RESEARCH

Internal Research and Development

ALPHA

Very early public Alpha Release

BETA

Public beta

STABLE

Stable Version

Current Status

Current Project Features

Simple Installation

Available on Dockerhub for simple installation

Run Remote or on Device

Run remotely on a development PC or directly the device

Simple Web User Interface

A Web UI displays information in an intuitive and simple format

Extendable via REST API

All information is also available via REST APIs

Built with Open Source Technology

Auditing is done by the independent and open-source tool Lynis

Current/Future Use-cases

Current Use-cases

Remote/Local scanning of a Torizon system
Log viewer of scan output and results
Persistent scan history

Future Use-cases

Scanning of container systems/environments
Scanning of Torizon specific features (i.e. is OTA configured/provisioned?)

Security Advisor Tool