Security & Penetration testing
– Nohau helps to identify security risk of the device and detect vulnerabilities early avoiding expensive consequences from attacks.
Cyber attacks on critical infrastructure are on the increase and are a growing concern for both system operators and the device manufacturers who supply equipment to these systems. Attacks on critical infrastructure can severely impact service uptime, data integrity, compliance and even public safety.
Nohau’s Penetration testing service identifies a security risk level existing in embedded software of a device and allows fixing security issues proactively. Nohau’s Service is a rapid, economical appraisal that identifies product security weaknesses and provides direction for further analysis. We offer a service that reveals quickly vulnerabilities in attacker-accessible communications interfaces.
- Provides evidence for further analysis
- Supplies direction for areas of greatest concern and justifies budget for further analysis
- Enhances product security
- Focuses on addressing most critical weaknesses and reduces need for product recalls
- Protects brand reputation
- Reduces the possibility of public vulnerability disclosures
- Consulting work 7 days depending on project scope
- An analysis of one device and one firmware/software
- Report describing the risk status and list of issues found
- Closeout meeting
- Executive summary
- Brief description of assessment
- Any identified vulnerabilities, areas of weakness and areas of concern. Listing information of issues found
- Scope for full assessment (as appropriate)
Unlike assessment services from other vendors, our service features work conducted by embedded software domain expert with the most advanced tools. All Nohau assessments are based on technical expertise developed over many years in ICS and security for embedded systems and related tools.
This service may also include or be extended by:
- Security Architecture Review
- Security Code Analysis
- Software development process assessment
An example of what we have done for a large (millions of units in the UK, IoT device for Smart metering) with some non-exhaustive examples is: