Correlens

Automotive

Built for how a vehicle is actually made.

From a signal in the wild to the exact ECU on the exact program. Correlens maps threat intelligence, supplier risk and vulnerabilities onto the real structure of a car: components, ECUs, interfaces and the standards that govern them.

Automotive
Down to the ECUFindings resolve to the specific component, ECU and interface, not a vague model-wide alert.
R155 / R156 alignedThe evidence a type approval and a CSMS audit ask for is a byproduct of the work.
Tier-n supplier riskA breached supplier is correlated to the exact parts and programs it puts at risk.
SBOM as the backboneOne bill of materials feeds vulnerability management and supply-chain monitoring alike.

The estate you defend

A vehicle is a network that happens to drive.

Domain and zonal controllers, an in-vehicle network mixing CAN and automotive Ethernet, radios and OTA on top. Every element runs software from a different supplier, on a different clock.

  • Domain and zonal architectures. Gateway, IVI, ADAS, telematics and zonal controllers, each with its own OS and update path.
  • Interfaces decide exposure. The same component scores differently on an isolated node than one bridged to the connectivity domain.
  • Software outlives the launch. Model years share platforms; a finding on one program usually matters to several.

What applies

The rules that reach a passenger car.

Type approval carries the cybersecurity load, and product and enterprise law stack on top.

R155 + R156 Both approvals are prerequisites for selling M, N and O vehicles in participating markets; all new vehicles since July 2024.
ISO/SAE 21434 The engineering framework auditors reference, from concept to decommissioning.
EU CRA Components and software placed on the EU market carry their own product obligations, with reporting duties from September 2026.
NIS2 Manufacturers and their digital supply chains can qualify as essential or important entities.

See it on your platform.

Book a demo