Cybertrust Co., Ltd. will begin offering the latest version of MIRACLE Vul Hammer, a vulnerability management tool that automates the visualization and response of vulnerabilities inherent in servers and network devices, on March 5, 2025. This latest version has an expanded database, making it possible to detect vulnerabilities that are actually being exploited. This expanded functionality will help manufacturers who deliver to the EU in the European Cyber Resilience Act (CRA) to quickly respond to the vulnerability reporting obligation. In addition, the format of SBOM that can be imported and exported has been expanded.
CRA (EU) is a security regulation that will be partially implemented in the EU from September 2026 and fully applied in December 2027, requiring strict compliance with security requirements for all digital products and products containing digital elements sold within the EU.
From September 2026, manufacturers will be required to report to designated authorities within a specified deadline when a vulnerability that is being exploited is confirmed.
こちらもお読みください: Rohde & Schwarz launches new R&S ZNB3000 vector network analyzer ideal for high-volume production
The latest version of MIRACLE Vul Hammer supports the following databases to determine whether vulnerabilities are being exploited.
KEV indicates that a vulnerability has been exploited .
EPSS indicates the probability that a vulnerability will be exploited
This will help you detect vulnerabilities and meet the reporting requirements stipulated by the CRA. In addition to the
previously supported SBOM formats such as SPDX, the product also implements import/export functionality for CycloneDX. Support for the two major SBOM formats has made it possible to effectively manage SBOMs for a wider range of products. Vulnerability management using SBOM will help you appropriately meet legal regulations and compliance requirements such as those of the CRA.
Cybertrust will continue to enhance the functionality of MIRACLE Vul Hammer to enable early detection of vulnerabilities and efficient vulnerability management using SBOM, thereby supporting supply chain security measures and maintaining system safety throughout the software lifecycle.
ソース Cybertrust
