We support the building of a Product Incident Response Team (PSIRT) for your products and services.
Product security needs to be addressed not only during development, but also after production. Generally, when attacker's motivation, opportunities, and knowledge/technologies are satisfied, an attack could be performed successfully. Since IoT devices including vehicles are connected to the Internet, they are exposed to the attack opportunities. In addition, new vulnerabilities related to the Open Source Software (OSS) included in the products are daily reported, and we need to be prepared for to attacks that exploit them.
We support the development of internal rules/guidelines such as vulnerability information management and incident response procedures, to ensure that an organization get able to manage post-manufacturing security issues. We also provide support for ongoing activities after the establishment of the PSIRT, such as vulnerability information monitoring/management, alerting relevant organizations, and regular trainings for them.
Consultants with experience in the automotive industry provide a wide range of support, including the building of PSIRT systems and operation after establishment.