Not just "What Cybersecurity Is",
but "What to Do, and How to Do It"
During the past three years, loT and Automotive manufacturers and suppliers around the globe have benefited from Karamba's Product Security webinars, seminars and hands-on workshops.
Especially in light of the mandatory cybersecurity standards such as ISO 21434 and UN R155, our training services aim to:
- increase knowledge and understanding of the cyber world (issues, technologies, standards and trends)
- empower the participants to build more secure products
Our experts can aid your security teams in applying the strategies & techniques necessary to protect your products and to assure compliance.
Flexible Training Formats
- Software engineering and/or Executive management programs are available.
- Frontal lessons and guided hands-on workshops are combined as needed, to maximize the participants' understanding and familiarity with the topic.
- Seminars can be presented in person, or web-based at the organization's offices with remote Q&A during the sessions.
Training modules offered at present include:
- "Think Like a Hacker": Cyber Threats & Mitigations
- Industry Standards and Regulation - loT, Automotive Sectors
- Threat Analysis & Risk Assessment (TARA)
- Secure Coding
- Static Analysis & Code Review
- Hands-on hacker simulations
- Fuzzing & Pen Testing
Industry-specific topics - for example:
- Sensor Security (Threats, Attack Vectors, Mitigations)
- In-Vehicle Network Security (Threats, Attack Vectors, Mitigations)
- Executives and Product Management Overview
- TARA Workshop
- Exam & Certification
To date, we've successfully completed two penetration testing projects with Karamba. In both cases, the researched systems contained several components (RTOS, Linux, Windows) and various communication protocols (Wi-Fi, Bluetooth, LAN). Overall, we were highly satisfied with Karamba's pen-testing process and delivered results. Karamba's process was delivered on time, and thorough, yielding significant security findings. Consequently, they allowed us to harden the cybersecurity of those products, improving the overall safety, quality, and value of our products to our customers.
Iftach Recht, System Engineering and Cybersecurity Manager (Stanley Healthcare Services, Stanley Black & Decker)
Karamba’s Secured Development training program provided a strong cybersecurity foundation for Aptiv’s engineering community worldwide. It provided technical best practices, threat and risk modeling, all within the current automotive regulatory framework of WP.29 and the ISO/SAE 21434 standard. Great work!
Kristie Pfosi, Director Cybersecurity, Aptiv
Our Tier 1 customer was developing a new automotive ECU in response to an OEM RFQ. The product needed to support Ethernet communication, and the timeline was very tight. With no set-up time, Karamba Research & Consulting was able to analyze the product capabilities and identify the possible security issues. Most importantly, the Karamba Research team determined how to mitigate the security risks in the ECU. They provided the customer with a comprehensive report, detailing threat scenarios and their security recommendations. The Karamba team also worked with the customer throughout the RFQ process to support interactions with the OEM.
Threat Assessment Use Case
24 HaNagar Street
Tel: +972 9 88 66 113
41000 Woodward Ave
Building East, Suite 350
Bloomfield Hills, MI 48304
Tel: +1 248-574-5171
Landstr. 264, Munich
Tel: +49 172 3991 036