Sternum joins the Zephyr Project as its first embedded runtime security partner.

As part of the Linux Foundation, Zephyr is a scalable, open-source real-time operating system (RTOS) delivering one of the world's most popular infrastructures for connected resource-constrained devices.

The partnership enables Zephyr’s community of IoT developers and device manufacturers - including innovators like Google, Intel, and NXP - to easily take advantage of secure OS, advanced runtime protection and threat detection, and continuous device monitoring for RTOS-based, low-resource devices.

The increasing risk of cybersecurity threats for the growing global number of connected devices did not go unnoticed by government and regulatory bodies. The US government, the EU government, NIST, FDA, and more have recently underlined the need for more advanced security controls - not only for new products that enter the market but also for legacy devices already in the field.

These new regulations and growing customer needs are a wake-up call for IoT manufacturers - many of which still rely on constant reactive security patching, lacking the on-device resources needed to deploy proactive endpoint defenses (e.g., EPP or XDR) that are considered the norm in other IT sectors.

Sternum enables IoT manufacturers to address rapidly evolving customer demands and market needs with a full-stack platform built for universal support of all Linux and RTOS devices. The platform offers a full suite of security solutions for embedded devices:

- Agentless runtime protection: Embedded Identity Verification (EIV™) is Sternum’s patented low-footprint technology that deterministically prevents exploit attempts, known attacks, unpatched vulnerabilities, zero-day assaults, and software supply chain threats.

- Continuous Monitoring: Sternum provides device and fleet-level insights that raise the bar for IoT observability, offering product, security, and engineering teams ready access to live and historical data, anomaly detection capabilities, advanced log management, and tools for remote debugging and contextual root cause analysis.

- Threat Detection: Sternum introduces XDR-like capabilities that triage data from mitigated attacks with device-level telemetry and AI-based insights to alert about ongoing attacks, emerging threats, malicious behavior, security blindspots, and suspicious activities.

“Sternum’s platform is a valuable addition to Zephyr’s partner ecosystem,” said Kate Stewart, Vice President of Dependable Embedded Systems at the Linux Foundation. “Sternum’s runtime security model enhances Zephyr's built-in security features by providing embedded developers and device manufacturers with additional security and monitoring capabilities, which they can implement with minimal complexity and zero performance compromises.”

“Zephyr is already the platform of choice for some of our largest customers, allowing us a clear view of how it’s being used to power medical devices, payment devices, gateways, and industrial infrastructure,” says Natali Tshuva, CEO and Co-Founder of Sternum. “We see growing demand from device manufacturers for advanced security controls, post-market surveillance capabilities, and threat mitigation that go beyond perpetual security patching. Our built-in support for the Zephyr operating system and toolchains allows us to address these needs and offer an easy way to bring our patented technology to all Zephyr-based devices.”