ONEKEY

European product-cybersecurity platform automating SBOM generation, vulnerability management, and CRA compliance for connected-device makers.

CompanyCyber Resilience Act ComplianceCloudSelf-hosted

Pricing: Custom (contact sales)

Updated June 2026.

What is ONEKEY?

ONEKEY operates the ONEKEY Product Cybersecurity & Compliance Platform, which performs automated firmware analysis, SBOM generation, vulnerability detection, and zero-day discovery. Its Compliance Wizard maps product evidence against the CRA and other frameworks, and its CRA Fast Start program structures readiness assessment, SBOM creation, vulnerability management, and continuous monitoring. ONEKEY (formerly IoT Inspector) is part of PwC Germany's investment portfolio.

Best for: Device manufacturers wanting automated SBOM, vulnerability management, and CRA evidence generation across the product lifecycle
Pros
  • Automated, platform-driven firmware/binary analysis rather than purely manual consulting
  • Purpose-built CRA Compliance Wizard covering multiple product-security regulations in one tool
  • Strong European product-security positioning, backed by PwC Germany investment
  • Continuous monitoring across the product lifecycle, not a one-time audit
Cons
  • Software/platform-led: provides tooling and evidence, not formal conformity assessment or CE certification (not a notified body)
  • No public pricing
  • Technical product analysis focus; legal/organizational process consulting lighter than at full TIC firms

Key Features

CRA readiness assessment (CRA Fast Start)
Automated SBOM generation and validation (CycloneDX, SPDX)
Continuous vulnerability management and CVE prioritization
Automated impact assessment of CVEs in firmware context
Zero-day detection via static binary analysis
Compliance Wizard mapping to CRA, IEC 62443-4-2, ETSI EN 303 645, RED, UNECE R155
Open-source license and compliance detection
Export of compliance packages and statements of compliance

Sources & references

Where the information on this listing comes from. Always verify pricing and capabilities against the vendor before a purchasing decision.

ONEKEY — official websitePrimary source
ONEKEY platform overview
ONEKEY
ONEKEY — CRA and SBOM
ONEKEY
IoT Inspector is now ONEKEY
ONEKEY

Spot an error, or do you represent ONEKEY? Request a correction.

Quick Info
PricingCustom (contact sales)
ModelPlatform subscription + advisory
Founded2020
CloudYes
Self-HostedYes
Visit Website →

Last updated: Jun 17, 2026

ONEKEY Alternatives
View All Alternatives
pi3g
German embedded-Linux and IoT specialist helping SME manufac...TUV SUD
Global testing and certification body offering CRA readiness...SGS
World-leading testing and certification company that, throug...Bureau Veritas
Global TIC group whose cybersecurity unit delivers end-to-en...DEKRA
Major TIC organization offering CRA readiness, security eval...
Certifications
EU Cyber Resilience ActIEC 62443ETSI EN 303 645REDUNECE R155