News from the Wire

ONEKEY achieves ISO/IEC 27001 certification

Thursday, June 18, 2026 — 17:14:08 (UTC)

ONEKEY Achieves ISO/IEC 27001 Certification, Reinforcing Its Commitment to Cybersecurity

ONEKEY, Europe's leading product cybersecurity and compliance specialist for manufacturers of connected and embedded systems, has successfully obtained the ISO/IEC 27001:2022 certification.

Düsseldorf, June 18, 2026 — ONEKEY has been awarded the ISO/IEC 27001:2022 certification, validating the effectiveness and continuous improvement of its Information Security Management System (ISMS). The certification underscores the company’s commitment to maintaining the highest standards of information security, data protection, and risk management.

ISO/IEC 27001 is the globally recognized standard for information security management systems. To receive certification, companies must demonstrate that they systematically protect information assets, identify and manage risks, and have established processes for continuous improvement.

The certification covers the development, operation, and delivery of the ONEKEY platform, which automates product cybersecurity and compliance management. The platform enables automated Software Bills of Materials (SBOMs), vulnerability management, and impact analysis. It also supports compliance with key regulatory requirements and industry standards, including the Cyber Resilience Act (CRA), IEC 62443, ETSI EN 303 645, UN R155, and many others.

"The security of our customers’ and partners’ information is our highest priority. Achieving the ISO/IEC 27001 certification confirms that we not only develop leading cybersecurity solutions for connected products but also operate our own systems and processes in accordance with internationally recognized security standards,” said Jan Wendenburg, ONEKEY’s CEO.

This certification provides additional security and transparency for customers in the automotive, industrial automation, medical technology, energy, Internet of Things (IoT), and other regulated industries. It confirms that ONEKEY systematically manages information security risks and ensures the long-term confidentiality, integrity, and availability of information.

This certification is especially important given the new challenges that regulatory requirements such as the Cyber Resilience Act (CRA), NIS2, and other international standards present to companies. With this certification, ONEKEY demonstrates its commitment to supporting customers in securing their products and to upholding the highest standards of governance, compliance, and information security.

"Trust is the foundation of all digital value creation. For us, the ISO/IEC 27001 certification is not just proof of compliance; it's also an important part of our corporate strategy and our commitment to providing quality to customers, partners, and investors," added Jan Wendenburg.

ONEKEY is the leading European specialist in Product Cybersecurity & Compliance Management and part of the investment portfolio of PricewaterhouseCoopers Germany (PwC). The unique combination of the automated ONEKEY Product Cybersecurity & Compliance Platform (OCP) with expert knowledge and consulting services provides fast and comprehensive analysis, support, and management to improve product cybersecurity and compliance from product purchasing, design, development, production to end-of-life.

Critical vulnerabilities and compliance violations in device firmware are automatically identified in binary code by AI-based technology in minutes – without source code, device, or network access. Proactively audit software supply chains with integrated Software Bills of Materials (SBOMs) generation. "Digital Cyber Twins" enable automated 24/7 post-release cybersecurity monitoring throughout the product lifecycle.

The integrated ONEKEY Compliance Wizard already supports compliance with requirements from IEC 62443-4-2, ETSI EN 303 645, UNECE R155, and many other standards and regulations.

As part of the EU-funded CRACoWi (Cyber Resilience Act Compliance Wizard) project, ONEKEY is collaborating with 13 European partners to develop an AI-powered assistant for the automated implementation of the EU Cyber Resilience Act (CRA).

The solution will guide companies through the entire compliance process—from the initial CRA scope assessment to the generation of the required Declaration of Conformity.

The Product Security Incident Response Team (PSIRT) is effectively supported by the integrated automatic prioritization of vulnerabilities, significantly reducing the time to remediation.

Leading international companies in Asia, Europe and the Americas already benefit from the ONEKEY Product Cybersecurity & Compliance Platform (OCP) and ONEKEY Cybersecurity Experts.

Further information: ONEKEY GmbH, Sara Fortmann, email: sara.fortmann@onekey.com, Toulouser Allee 19A, 40211 Düsseldorf, Germany, web: onekey.com

Notice to readers: These are archived articles. Contact information, links and other details may be out of date. We regret any inconvenience.

Source: Company press release.

Categories: Announcement