IT & OT Security Assessments - Cybersecurity services provider
CENSUS is an internationally acclaimed Cybersecurity services provider, supporting the needs of multiple industries since 2008. It has provided IT and OT security services to public and private organizations around the world, including defense primes, system integrators, intelligence and defense agencies, and Fortune 500 companies.
CENSUS services include IT& OT Security Assessments, Security by Design, Product Security, Secure Systems Development Lifecycle, Threat Modelling and Vulnerability Research aiming to cover the complex needs of today’s IT and OT ecosystems. Built upon CENSUS leading research, it provides high-quality InfoSec services for embedded systems,PLCs & SCADA Systems, RTOs and hardware components.
Furthermore, CENSUS uses the latest attack techniques along with the results of its in-house vulnerability research to identify common and acknowledged vulnerabilities and distinguish the possibilities of zero-day attacks. The scope of the tests is not limited, only to hardware and software resources, but also includes all aspects of the organizational structure, such as processes and human resources.
|Embedded and Mobile Devices Security Assessment|
The Embedded and Mobile Devices testing tests in a holistic manner the security of devices. Τhe testing includes device hardware, product enclosure, device communications, device input/output, device software, and firmware.
|Application Security Assessment|
Application Security Tests maybe “Black Box” security assessments for software, where CENSUS experts identify security issues without having the source code. Application Security Tests are carried out manually with the help of specialized tools and can be performed for all types of software including Web, Mobile, Desktop Applications, Operating System components and firmware.
Applications may be delivered for testing in source code format.
|Secure Software Development Life Cycle (SDLC)|
|A Secure SDLC is a development lifecycle that has been augmented by a special set of processes, whose goal is the development of products meeting high-security standards. Secure SDLC methodologies allow for the early mitigation of security risks, by identifying and fixing security vulnerabilities during the early stages of product development|
|Network Security Assessment|
|Network Infrastructure Testing examines all measures and controls used to implement security policies in an organization's network architecture, in order to assess the level of protection they provide. These include (i) Network Firewalls, (ii) Routers and Wireless Access Points, and (iii) Intrusion Detection/Prevention Systems.|
|Penetration testing is the process of testing an IT infrastructure for security vulnerabilities in a controlled manner. The penetration testing is conducted against specific organization assets or infrastructure components. The process varies according to the degree of knowledge provided by the client (Black Box testing, White Box testing, Gray Box testing, etc.); a mixture of these degrees of knowledge can also be applied for evaluating the effects of both insider and outsider attacks.|
The first step towards securing the military high-value systems is to identify the critical assets, and then ensure the security maturity of all the functions around them. For most cases, air-gapped architectures are no longer feasible to the same extent due to the increased requirements, and therefore more complicated architectures need to be adopted and implemented. CENSUS provides a variety of services that can identify design inefficiencies, gaps in the security architecture and software vulnerabilities in the actual implementation while providing practical recommendations towards their efficient mitigation.
CENSUS believes that it is critical for Security by Design principles to be implemented early in the development lifecycle of the product. For each phase, CENSUS offers a highly customized set of services, whose goal is tο develop products that meet high-security standards by following models such as Defense in Depth and Zero Trust. Defense in Depth involves multiple-layer security and redundant defensive measures in case a security control fails, or a vulnerability is successfully exploited on a system or network. Moreover, Zero Trust models are developed based on the assumptions that a user or a device cannot be trusted by default and the network faces both external and internal threats, expanding the user verification and granting the least-access privileges. These methodologies allow the early mitigation of security risks, identification, and resolution of security vulnerabilities in a cost-efficient manner.
Due to the increased demand of military information technology systems, it is inevitable that not all integrated solutions are developed in-house. Therefore, many commercial, off-the-shelf, products are purchased and integrated into the military network. A big concern is that commercial producers are becoming more and more globalized and expose themselves to the risks of complex and intrinsically vulnerable supply chains. Thus, they require vetting of their functions, along with secure integration and usage. CENSUS can execute these services and provide security assurance of the third-party solutions that are adopted.
CENSUS vulnerability research services ensure that a software product, a system implementation, or a new technology that an organization is planning to invest in meets strict security requirements and does not suffer from vulnerabilities. The company employs a top-down approach which allows the identification of the most exposed applications and systems in a client's IT environment, followed by a thorough investigation for unknown vulnerabilities in these elements.
Securing critical systems demands a strategy and proactive approaches to eliminate the risk. It is crucial to understand (i) the valuable assets, (ii) suppliers’ security level, and (iii) the risk posed by the supply chain. CENSUS provides detailed deliverables that empower clients to make informed strategic decisions towards new technologies and to choose the most secure solution that meets their requirements.
|CENSUS Europe |
128 A. Siggrou Ave.
Defense Industry Cybersecurity
As an internationally acclaimed IT Security services provider, CENSUS offers high-quality services to organizations worldwide since 2008. Through its cutting-edge research in the field of IT Security, CENSUS delivers state-of-the-art services supporting the needs of multiple industries, including Software & Internet services, Financial, Banking, Maritime, Insurance, Payments, Healthcare, Consumer Electronics and Telecommunications.