What Is UL 2900

UL 2900 is a set of standards that define general software cybersecurity requirements for network-connected products. It establishes testable criteria for identifying vulnerabilities and weaknesses in embedded products and systems, helping organizations minimize cybersecurity risks.

Related terms: coding standards, CWE, OWASP, security testing, static analysis

UL 2900: Examples in Context

A manufacturer of IoT devices seeks UL 2900 certification to demonstrate the security and resilience of their products against cyber threats, increasing consumer trust.

A cybersecurity consultant assesses a healthcare organization’s network infrastructure using the UL 2900 standard to identify vulnerabilities and recommend security improvements.

FAQs

Learn More

Text on left: SAST Tools: How to Choose the Right Solution. on the right is a large outline of a padlock with a keyhole filled with aqua-colored connector lines with a colorful background of pink, blue and green.

Blog

11 min read

SAST Tools: How to Choose the Right Solution

Add Static Analysis to Your Testing Toolbox

Blog

12 min read

Add Static Analysis to Your Security Testing Toolbox

Text on left in white font on dark blue background: Secure Coding Standards: Enforcing Secure Coding Practices With SAST. On right is padlock glowing in yellow framed with a circle of binary code and 8 lines like hands on a clock pointing to icons like keys, mail, computers and power buttons.

Blog

9 min read

Secure Coding Standards: Enforcing Secure Coding Practices With SAST

What Is UL 2900

UL 2900: Examples in Context

FAQs

What is the difference between UL 2900 and IEC 62443?

Does static analysis help enforce UL 2900 compliance?

What types of testing help achieve UL 2900 compliance?

Is UL 2900 mandatory?

Is UL 2900 recognized by the FDA?

Learn More