Cybersecurity is critical to protecting our infrastructures. With the convergence of enterprise IT and product, IT to multi-purpose systems vulnerabilities and risks are increasing. Current cybersecurity standards provide guidelines to mitigate security risks in products, projects, and organizations. This webinar introduces systematic security engineering following standards such as ISO 21434. To learn for your own security testing, we will provide hands-on examples from Vector global projects.

Security verification and validation (V&V) must combine a variety of techniques from static analysis to fuzzing and pen test. While brute-force testing might sound appealing and easy to apply for the detection of weakness at any place, it is expensive, inefficient, and time-consuming. Grey-box security testing starts with a mini-TARA and on this basis, we identify the attack vectors and focus our testing based on identified assets and risks. With such novel security testing, vulnerabilities can be detected more efficiently, effectively, and with foreseeable results in a shorter time range. The described cybersecurity testing provides several advantages, namely:

Risk-based testing with a tailored and thus efficient grey-box methodology
Easy to understand, asset-related results with a clear structure
Prioritized list of findings based on the impact categories

In this industry practice presentation, we will show practical usage. An industry case study will illustrate hands-on how to tailor security V&V for new and legacy architectures.

About our speaker:
Prof. Dr. Christof Ebert is Managing Director of Vector Consulting Services GmbH. He supports companies worldwide in improving their product development and product strategy as well as in change management. He sits on various supervisory boards, is a professor at the University of Stuttgart and the Sorbonne in Paris, and the author of several renowned books. Twitter: @ChristofEbert.

More information about Vector Consulting Services: www.vector.com/consulting

More information on our training: vector.com/consulting-training

#VectorGroup #VectorVCS #GreyBoxtesting #Cybersecurity #Testing #Beratung #engineering #automotive #training #Schulung #coaching #Entwicklung #development #challenges #efficiency #quality