In times of digitalization and connectivity, systems become more and more complex and the number of potential vulnerabilities increases.
With our profound expertise in security development and security testing we support you in identifying security threats as well as revealing and fixing ineffective protective mechanisms. To do this, our security experts analyze your systems, test the effectiveness of existing security functions and assume the role of hackers to carry out simulated attacks.
Our customers include OEMs and system suppliers from the following sectors:
Individual solutions
As a manufacturer- and industry-independent partner with a clear focus on your individual customer needs, we develop and test solutions for the specific security requirements of your product or system. Bertrandt is certified according to TISAX and offers confidential and secure handling of your data by our in-house experts.
One-stop provider
We deliver product security from one single source. Our services range from the examination of individual devices to complete systems as well as from function over communication to overall system testing. We analyze your products or systems for existing vulnerabilities and ineffective protection mechanisms and validate the implementation of your requirements.
Prevention of downtimes, follow-up costs and image damage
Our services help you to arm yourself against hacker attacks and thus avoid immense consequential costs, e.g. through drastic downtimes or product recalls, as well as possible damages to your image.
In the scope of risk and threat analyses, threats to products, IT systems or processes can be systematically recorded, structured and evaluated.
Identification of the systems, data and applications to be protected.
Documentation of the underlying architecture of all systems, data and applications to be protected
Identification of potential threats and possible security vulnerabilities
Documentation of the detected threats
Evaluation of the threats and assessment of the probability of their occurrence
Creation of a final overall threat picture
Parallel to the growing intelligence of vehicles and the increasing number of interfaces to the outside world, security functions are being developed as preventive measures against attacks. In the functional, integration and system test, the correct operation of individual safety functions as well as the proper interaction of the components and their effectiveness as an overall system are evaluated.
Derivation of test cases from the security concept
Requirements-based test on the basis of component or system specifications
Test of integration in the context of vehicle networking
To protect your products against unwanted access, our experts perform targeted attacks, uncover security issues and assess the vulnerability of your product or system for manipulations.
Penetration tests, robustness tests and web checks
White / grey hacking
Analysis, documentation and reporting of vulnerabilities
Optimized solution concepts for closing security gaps
Recommendations for risk minimization
The validation of security functions may require various types of test infrastructure. We are able to realize, provide and operate test systems ranging from purely software-based solutions to table-top setups and networked test benches.
Design and construction of component and system test benches
Provision and further development of our own test automation solutions
Security-specific tool know-how
Wireshark - analysis of data logs
Kali Linux - Linux distribution for penetration testing
Nmap - portscanning and version detection
Burp Suite and ZapProxy - web testing
Nessus - vulnerability scanning
Achilles - robustness testing
Defensics - protocol fuzzing
Metasploit - execution of known exploits
Aircrack-ng - vulnerability scanning WLAN
John the Ripper - test of authentications
Snmpwalk, DirBuster, nc, netstat
Automotive-specific tool know-how
Vector-Tools
dSPACE HiL toolchains
