MediaTek has successfully implemented the global software security model Building Security In Maturity Model (BSIMM) assessment, making it the first company in Taiwan to be assessed using the authoritative security evaluation system.
MediaTek has also been authorized by MITRE to assign Common Vulnerabilities and Exposures (CVE) as a CVE Numbering Authority (CNA).
“MediaTek’s BSIMM assessment results and membership in the CNA program confirms our commitment to international standards of security management and technological capacity,” said Tiger Hsu, Product Security Officer at MediaTek. “MediaTek will continue to increase research, development and investment in product security as we enhance our product security management and our technological capacity, and aid customers when dealing with new security challenges.”
These international recognitions are an acknowledgment of MediaTek’s commitment to designing and providing secure, dependable and innovative products, and further demonstrate the company’s dedication to product security.
MediaTek supplies nearly two billion chips a year to global partners; creating secure products is part of its core mission. Security is considered throughout the development process, with control measures introduced through product requirements during the design, coding, testing and delivery process.
By completing the BSIMM assessment, MediaTek has aligned itself with international standards, ensuring the security of the chip design and related software development process.
As a CNA member, MediaTek can now assign CVE security vulnerability IDs to the company’s products and can receive vulnerability alerts from information security experts from all over the world.
MediaTek will continue to patch vulnerabilities and release security updates regularly openly and transparently, remind customers to apply the updates and patches via direct alerts, security bulletin notifications and other methods, and provide users with secure and dependable solutions to protect their privacy.
The company’s dedicated product security incidence response team (PSIRT) works closely with each business unit and collaborates with security experts from each product line to respond to and manage security vulnerabilities. MediaTek provides consumers with products that comply and surpass the latest security standards.