Upstream and Karamba Partner to Deliver an End-to-End Automotive Threat & Vulnerability Management (TVM) Solution

Upstream and Karamba will demonstrate TVM at AutoCS trade show on September 7-8, 2023 in Beijing, China (booth B5-B6)

Ann Arbor, MI – September 4, 2023 – Karamba Security, a world leader in end-to-end product security, and Upstream Security, the leading provider of cloud-based cybersecurity and data management platform purpose-built for connected vehicles, announced today their partnership and the availability of an Automotive Threat & Vulnerability Management (TVM) solution. This is the first automotive purpose-built solution, designed to provide an end-to-end cyber risk analysis, boost visibility across the entire organization and ensure effective remediation for emerging cyber threats and vulnerabilities.

Expanding beyond traditional application and IT security frameworks, automotive cybersecurity executives have been accelerating the shift to ‘product cybersecurity’ paradigm, focusing on a holistic approach view of the entire vehicle lifecycle. Considering the ever-expanding mobility ecosystem, and the emerging attack vectors due to increased connectivity and software-defined components, services and applications, this new paradigm promotes vehicle-driven security, safety and trust across the entire automotive supply chain.

Powered by Upstream’s AutoThreat PRO® threat intelligence platform and Karamba’s VCode binary analysis software, TVM delivers a consolidated view of automotive-specific cyber threats and vulnerabilities. The solution offers a unique perspective based on deep and dark web research and a proprietary repository of threat actors, correlated with an SBOM-based view of the vehicle or fleet. Matching relevant vulnerabilities to threat intelligence findings, OEMs, Tier-1 and 2 suppliers, as well as fleet managers easily monitor, validate, prioritize and detect real-life vulnerabilities.

“TVM empowers a wide range of automotive stakeholders to ensure their vehicles’ security posture with accurate and updated visibility into automotive SBOM components, their vulnerabilities and exploitability,” explains Ami Dotan, CEO & Co-founder of Karamba Security.“ Together with Upstream’s deep and dark web research capabilities, TVM adds unique analysis of vulnerabilities, threat actors and risk levels based on automatically-generated software bill of materials (SBOM), the National Vulnerability Database (NVD) and the China National Vulnerability Database (CNVD) updates” adds Yoav Levy, CEO & Co-founder of Upstream Security.

About Upstream Security
Upstream provides a cloud-based data management platform purpose-built for connected vehicles, delivering unparalleled automotive cybersecurity detection and response (V-XDR) and data-driven applications. The Upstream Platform unlocks the value of vehicle data, empowering customers to build connected vehicle applications by transforming highly distributed vehicle data into centralized, structured, contextualized data lakes. Coupled with AutoThreat Intelligence, the first automotive cybersecurity threat intelligence solution, Upstream provides industry-leading cyber threat protection and actionable insights, seamlessly integrated into the customer’s environment and vehicle security operations centers (vSOC).

For more information, visit:

About Karamba Security
Karamba Security is the world leader in product security. Automotive OEMs, tier-1s and Fortune 100 companies rely on Karamba’s products and services to protect their vehicles and ECUs and meet demanding cybersecurity regulations, without interfering with R&D processes, or delaying time to market of their products. With more than 120 successful engagements, OEMs and suppliers trust Karamba’s award-winning solutions for compliance and brand competitiveness when protecting their customers against cyber threats.

More information is available at








以色列Herzliya和Hod Hasharon – 2023年9月[XX]日 –  Karamba Security是端到端产品安全领域的全球领导者,而 Upstream Security是专门为客户打造的基于云的网络安全和数据管理平台的领先提供商,今天宣布了他们的合作伙伴关系以及汽车威胁和漏洞管理 (TVM) 解决方案的可用性。 这是第一个汽车专用解决方案,旨在提供端到端网络风险分析,提高整个组织的可见性,并确保有效修复新出现的网络威胁和漏洞。


在传统的应用程序和IT安全框架之外,汽车网络安全高管一直在加速向 ”产品网络安全” 范式的转变,专注于对整个汽车生命周期的整体方法观。考虑到不断扩大的移动生态系统,以及由于增加的连接性和软件定义组件、服务和应用程序而出现的新攻击向量,这种新典范促进了整个汽车供应链中的以车辆为驱动的安全性、安全和信任。

由Upstream的AutoThreat PRO®威胁情报平台和Karamba的VCode二进制分析软件提供支持,TVM提供了汽车特定网络威胁和漏洞的综合视图。该解决方案提供了一个基于深度和暗网研究的独特视角,以及与基于SBOM的车辆或车队视图相关的威胁参与者的专有存储库。将相关漏洞与威胁情报结果相匹配,OEM、一级和二级供应商以及车队经理可以轻松监控、验证、确定优先级并检测真实存在的漏洞。


Karamba Security的CEO兼联合创始人Ami Dotan指出:“TVM可以帮助广泛的汽车利益相关者确保其车辆的安全态势,通过提供准确和更新的可见性,使他们能够深入了解车辆的SBOM组件、漏洞和可利用性。” Yoav Levy,Upstream Security的CEO兼联合创始人补充道:“TVM结合Upstream的深网和暗网研究能力,基于自动生成的软件材料清单(SBOM)、国家漏洞数据库(NVD)和中国国家漏洞数据库(CNVD)更新,增加了对漏洞、威胁因素和风险级别的独特分析。”


关于Karamba Security

Karamba Security是产品安全领域的全球领导者。OEM、一级供应商和财富100强公司依靠Karamba的产品和服务来保护其车辆和ECU,满足严格的网络安全法规要求,而不会干扰研发过程,或延误其产品上市时间。凭借120多个成功的合作中,OEM和供应商信赖Karamba在保护客户免受网络威胁方面的屡获殊荣的解决方案,以确保合规性和品牌竞争力。





Lital Cohen

[email protected]


关于Upstream Security

Upstream提供了一个专门为联网车辆构建的基于云的数据管理平台,提供无与伦比的汽车网络安全检测和响应(V-XDR)以及数据驱动的应用程序。Upstream平台发掘车辆数据的价值,使客户能够通过将高度分布式的车辆数据转换为集中式、结构化、情境化的数据湖来构建联网的车辆应用程序。Upstream与首个汽车网络安全威胁情报解决方案AutoThreat Intelligence相结合,提供业界领先的网络威胁保护和可操作的见解,无缝集成到客户的环境和车辆安全运营中心(vSOC)中。





Shira Sarid Hausirer

[email protected]


Newsletter Icon

to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

Upstream Welcomes ex-Fujitsu Executive to Expand Operations in Japan

Mr. Toshiya Sato will spearhead Upstream’s accelerated growth in the region; Upstream also releases the Japanese edition of its 2024 Global Automotive Cybersecurity Report 日本語プレスリリ�

More Details

Upstream Security and Drivesec Team Up to Offer Automated Penetration Testing with Real-time Threat Monitoring for Automotive and IoT

The joint offering expands and automates cyber risk assessments, testing, and compliance with product-driven threat intelligence as well as detection & response Torino, Italy &…

More Details

Upstream Security Receives Investment from Cisco Investments as the Demand for IoT Cybersecurity Soars

Connected vehicles and mobile IoT devices introduce additional layers of cyber risks, posing threats to operational availability and sensitive data security Read more on Cisco’s…

More Details

Upstream unveils Ocean AI to improve investigations and mitigation of complex cyber attacks

Upstream’s Ocean AI powers the next generation of the mobility and vehicle security operations center (vSOC), delivering unprecedented efficiencies, scalability, and optimizations Ann Arbor, MI&hell

More Details

Upstream Security Named Newest Member of CLEPA, the European Association of Automotive Suppliers

Upstream joins world-leading experts in contributing insight on critical policies in the field of cybersecurity in automotive Herzliya, Israel – March 14, 2024 – Upstream…

More Details

Upstream’s New 2024 Automotive Cybersecurity Report is Officially Released

Latest insights show that high-scale cyber incidents doubled in 2023, with attacks growing in sophistication and magnitude Ann Arbor, MI – February 7, 2024 –…

More Details