Explore the lessons learned from real-world vulnerabilities and an external third-party code audit in this insightful conference talk. Delve into the historical context of vulnerabilities reported in Zephyr, gaining a retrospective view on the evolution of security measures within the framework. Understand the security challenges encountered by Zephyr and the proactive measures taken to address them. Examine the outcomes of external code audits conducted on Zephyr, discussing findings, strategies employed to strengthen the framework, and practical insights derived from this audit. Gain tangible knowledge to enhance the security posture of Zephyr-based projects and learn how Zephyr emerges as a steadfast framework dedicated to fortifying the core of embedded development in an era of escalating threats to embedded systems.