Drones & UAS
Autonomy-grade software, under the same lens.
Uncrewed systems ship complex software stacks and long supply chains. The same threat-intel, vulnerability and SBOM monitoring applies, resolved to the exact component on the exact platform.
Complex stacks, mappedFlight controllers, companion computers, comms and payload software tracked from one SBOM.
Long supply chainsSupplier breaches correlated to the components they put at risk.
Links under watchThe radio, GNSS and ground-control software that connects the platform, monitored like any other component.
Evidence for reviewScores, decisions and suppressions recorded, ready for whoever audits your operation.
The estate you defend
A drone program is three estates flying in formation.
The aircraft, the ground segment and the cloud between them. Each carries its own software stack, and delivery or inspection operations multiply every one of them by the size of the fleet.
- The aircraft. Flight controller, companion computer, payload and comms firmware, often from four different ecosystems.
- The ground segment. Ground-control software and links carry commands; their vulnerabilities are flight-safety issues.
- The fleet effect. One vulnerable component ships in every airframe of the batch.
What applies
Young rules, real obligations.
The regulatory picture for uncrewed systems is still consolidating, but the product-security floor is already law in the EU.
EU CRA
Drones, controllers and their software are products with digital elements: SBOM quality, vulnerability handling and reporting obligations apply.
NIS2
Operators serving critical sectors, from inspection to logistics, can fall in scope as important entities.
Sector rules
Aviation authorities set airworthiness and operational approvals; a documented software inventory and vulnerability record supports those reviews.