Plan Software and Cure53 announce IT Security Partnership in the field of strategic online-configuration-applications
You are a medium-sized producing and service providing company and successful in the market for years. Innovations like the internet, linking of devices and Web 2.0 are used in your company as well as different computers, mobile phones and programs of large software companies. Information security is provided by your own EDP department and appropriate service provider and supplier.
In the current news, more and more is told about incidents and attacks on the IT especially concerning large and medium-sized companies. The fact that you did not have any worrying incidents makes you feel secure and uninvolved. Every now and then, new products or versions for safeguarding are acquired and regularly you see warning notices on your computer so it seems that everything is working. But through increasing networking of systems also in the context of Industry 4.0 completely new risk scenarios arise, which can only be averted through proactive action:
- Due to a security gap, possibly also through several intermediate steps, third parties get access to confidential and sensitive data,
- Due to a Denial-of-Service attack, applications that are accessible from outside and strategic important, are indirectly paralysed (ex. CRM, ERP),
- Computers are infected by a malware and fail due to so-called worms,
- Employee data are spied out and costs for the company arise with the login credentials of the employees, due to so-called Trojan horses.
Proactive action is needed…
Security in networked systems is not a product but must be considered as a continuous process which illuminates, optimizes, hardens, tests and analyzes the existing and newly developed software bit by bit. For this process, teams from Plan Software and Cure53 develop together tailored concepts in the future. For this, the following suitable tools, depending on the application, are used to secure easyKAT® based networked systems:
- The classical “Pentest”: In this case we take the position of the attacker and try with all legal provided tools to enter as deep as possible in the application or infrastructure. This measure as result offers an excellent view on the so-called “vulnerability of the application”. Of course this test happens only in close collaboration with the client and will be discussed and coordinated in all details.
- The thoroughly IT-Audit: An audit allows a precise insight in the application and its surrounding to the tester and often discovers security gaps which remain hidden for the external eye. Such an audit of the source code in conjunction with a Pentest has proved to be the most effective and efficient measure to secure small and big applications and infrastructures, and is made use of the most. Staff of Cure53 and Plan Software work together and bring their extensive know-how in the field of IT Security and configuration- and ecommerce- applications together.
- On site consulting and training: We advise and train employees of the IT and development departments on site. In personal ambience, security risks can be discussed, shown at an example and debated. Certainly, the consulting in the field of protection and curing of existing systems is not missed out. If relevant changes on the easyKAT®-application or the infrastructure happen over time, tests and the audit can be repeated with little effort.
If relevant changes on the easyKAT®-application or the infrastructure happen over time, tests and the audit can be repeated with little effort.
We are happy to provide consulting on the possibilities of protecting your online-system – Please contact us!
Cure53 introduce themselves
Cure53 (https://cure53.de/) was founded in February 2007 and employs today 15 security experts in the field of web- server- and application security. Furthermore the thematic focuses of Cure53 are cryptography, hardware security and the Internet-of-Things (IoT).
Cure53 is located in Berlin and is led by Dr.-Ing. Mario Heiderich, a renowned security researcher and penetration tester. Cure53 does not market any products but publishes for a decade now Open-Source Tools and free software in the field of security. Publications, penetration test reports of popular Open-Source Tools and research papers as well as presentations can be downloaded for free on the Cure53 homepage.
The customers of Cure53 include enterprises such as Google Zürich, Microsoft Redmond, Facebook, LinkedIn, Open Technology Fund Washington, Deutsche Post, STRATO, various German cities and communities such as dozen other top-class enterprises from all over the world.