Identify and check technical vulnerabilities
Many industries today are vulnerable to cyberattacks, and the automotive industry is no exception. To improve automotive cybersecurity, VicOne offers Pen Testing Services that provide deep assessment of an entire vehicle and consider security risks from existing threats and zero-day exploits. By leveraging the automotive cloud analysis platform, innovative research on the latest threats, and our expertise in cybersecurity, these services deliver the latest risk status and provide fixes or migration recommendations.
Specialization for the Automotive Industry
- Identifies electronic control unit (ECU) and in-vehicle infotainment (IVI) hardware and software vulnerabilities
- Checks the integrity of over-the-air (OTA) security updates for possible compromise
- Identifies possible attacks on communication protocols
Equipped With the Latest Intelligence
- Uses a known vulnerability exploitation test to check for known CVEs
- Performs an exploitability test using known tools and techniques to find any missed vulnerabilities
- Conducts a zero-day exploitability test to locate vulnerabilities
Fulfills Automotive Compliance
- Adapted UNECE WP.29/R155 and ISO/SAE 21434 compliance
- Following both the Open Source Security Testing Methodology Manual (OSSTMM) and the Open Web Application Security Project (OWASP)
- Provides expert recommendations for migration or fixes
How Pen Testing Works
Pen Testing Services have a target range that can accommodate hardware, software, firmware, document data, and even an entire vehicle. These services include a risk assessment report, a migration plan suggestion, and a Q&A with a pen testing expert at the end of the process.
Pen Testing Integration
After conducting the penetration testing, our experts will provide the results for an understanding of the potential impact of the vulnerability risk. This threat knowledge will then be included into xNexus and an IDPS Virtual Patch can be created to mitigate this risk.
ISO/SAE 21434: Securing Tomorrow's Connected Cars
Connected Car Vulnerabilities Affect the CAN Standard