|Supplier Slogan||Consulting & Innovation.||Where power gets smart||Critical Infrastructure Made Secure.||We create trust|
|HQ Location||United States||Germany||Israel||United States||United States||Germany|
|Revenue||< $10m||< $10m||< $10m||< $10m||$10-100m||$10-100m|
|Employees||11 - 50||11 - 50||11 - 50||< 10||51 - 200||51 - 200|
|Website||Open website||Open website||Open website||Open website||Open website||Open website|
ISE is an independent security consulting firm headquartered in Baltimore, Maryland dedicated to securing high value assets for global enterprises and performing groundbreaking security research. Using an adversary-centric perspective driven by our elite team of analysts and developers, we improve our clients’ overall security posture, protect digital assets, harden existing technologies, secure infrastructures, and work with development teams to ensure product security prior to deployment.
UNITY Consulting, an affiliated firm of UNITY AG, is a management consultancy for future-oriented corporate management. They create bottom line oriented innovative processes and business models – from the initial concept to execution.
Nation-E is a global leader in Critical Infrastructure Cyber Security. We offer innovative solutions for defending industrial infrastructure and the smart grid environments. In a turmoil world where cyber security attacks are on the rise, Nation-E is committed to protect vulnerable critical assets. Our cutting-edge solutions, Energy Firewall? and Energy Cerebrum?, are specifically tailored to offer maximum protection for the Operational Technology landscape, where most critical infrastructure assets are connected via serial ports. Focusing on the last-mile of distributed energy assets, our platforms embed cyber-security, risk management, big-data analytics, and full command and control capability into previously unprotected infrastructure. We excel in shielding from a variety of threats and vulnerabilities such as smart-grid hacking and insider threats. The company was founded in 2012 by Daniel Jammer, a renowned entrepreneur, industrialist and philanthropist. Our clients who are protecting their critical infrastructure include Air/Sea ports, Financial Services, HLS and Public Utilities and more.
Applied Risk is focussed on critical infrastructure security and combating security breaches that pose a significant threat.
Founded in 2001, Keyfactor empowers enterprises of all sizes to escape the exposure epidemic – when breaches, outages and failed audits from digital certificates and keys impact brand loyalty and the bottom line. Powered by an award-winning PKI as-a-service platform for certificate lifecycle automation and IoT device security, IT and infosec teams can easily manage digital certificates and keys. And product teams can build IoT devices with crypto-agility and at massive scale.
TÜV Informationstechnik (TÜViT) is 100 percent about IT security. It is part of our DNA, and has been since 1995. At TÜViT, IT security is not a trend and it is not hype: it is embedded in virtually everything we do and all of our 120 employees have signed up for. Our experience and skills are totally dedicated to security in information technology. Over 50 per cent of the DAX 30 and many international companies already benefit from TÜViT-tested security.
... is our credo. The TÜViT experts are not subject to any conflicting goals, as they have no obligations towards product suppliers, system integrators, shareholders, interest groups or government agencies.
In addition, numerous accreditations as well as certificates of national and international organisations prove our independence
TÜViT continues to develop the best available technology in numerous research projects and (standardization) committees.
What applies to cars, machines, plants or buildings is also offered by TÜViT as part of the TÜV NORD GROUP for your IT: for hardware, application systems, infrastructure, products, processes or software. The TÜV seal and the certificates indicate to your clients that they can rely on the products and services. And if you have to comply with certain standards and procedures for evaluation authorities, TÜViT shows you how you can best achieve this. TÜViT identifies risks well before they cause any harm, and joins you in guiding your business to success – you can rely on it.
At the same time, we protect your most valuable asset, which is becoming more important all the time in the course of digitization: your data. New digital business ideas are based on data: With TÜViT, you have a reliable and experienced partner, which supports you not only with all your data, information and IT security issues, but also with Data Privacy.
System resiliency doesn’t happen by chance; instead, its’ roots can be traced directly back to Threat Modeling. A threat model is a critical aspect of any security program, and is the foundation upon which any resilient system must be built. In most engagements, ISE works with the customer to build out the threat model, identifying and describing the three primary components of this crucial security plan: assets, adversaries, and attack surfaces. Without a threat model, an organization does not have a security plan in place. With a threat model, an organization can effectively consider risk and make informed decisions about how to reduce it.
Adversaries are human. As such, we use human intelligence to perform manual assessments to discover all possible ways compromise could occur. Manual assessment entails thorough investigation of ways in which a dedicated adversary could manipulate a system’s functionality for unintended consequences. ISE investigates manually in order to emulate the level of care that a committed adversary would apply in the pursuit of an attack. Automated tools do serve a purpose in any investigation, as running such tools is the first step that any attacker would take. However, it is only with manual assessment that higher level, sophisticated, custom attacks can be defended against.
We dig deeper because it matters. Customization is a critical component to any successful security assessment. As all systems are custom, so, too, are all ISE security hardening processes. ISE utilizes a white box methodology, wherein ISE reviews all publicly and privately available documentation and design documents, workflow diagrams, firewall rules, and any other supporting documentation. ISE interfaces with key engineers as well as business and technical leadership. From there, ISE designs and performs custom tests, both to gather more information about how a system operates and is implemented, as well as to test for custom-tailored, unique security vulnerabilities. These assessment tasks are predominantly manual, and involve strategic thinking from the perspective of the adversary.
ISE does not perform security assessments for the sole purpose of finding problems. Instead, we do it to provide solutions. While it is important to identify security problems, it is equally important to identify effective solutions. ISE devises proven mitigation strategies that dovetail with business objectives, and then works with client engineers to ensure they are well understood, properly implemented, and do not introduce any new vulnerabilities. ISE assists the customer in developing and adapting the mitigation roadmap as business needs, industry conditions, and stakeholder demands evolve over time.
Now that the internet has exerted disruptive change on business in the form of e-commerce, the manufacturing industry is next. UNITY thinks that the main fields of action for companies are introduced: Digitization, i.e. an increased degree of automation to boost productivity, and the development of new business models to generate services and sales. UNITY supports companies on their path towards Industry 4.0. Their board range of services - from product development topics to services and sales to optimum order development - forms the ideal basis for target-oriented Industry 4.0 consulting.
Applied Risk provides a range of Industrial Control Systems security solutions for its clients.
The company’s range of solutions consist of IACS security, ICS/SCADA security assessment and Penetration Testing, RVA assessment, embedded security assessment, medical devices security assessment, and IoT Security assurance. It offers its services to firms in the power, pharmaceutical, oil and gas, water, manufacturing, and chemical industries.
Keyfactor, formerly Certified Security Solutions (CSS), is a leading provider of secure digital Identity Management solutions that enables organizations to confirm authenticity, and ensure the right things are interacting in the right ways in our connected world.
Evaluation and Certification of SIM, eSIM, iSIM and nuSIM (Deutsche Telekom)
Software (Source Code) Analysis (Code Matrix)
Evaluation of Systems and Components against IEC 62443
Post-Quantum Security Consulting and Analysis
AI IT-security assessments and evaluations
GDPR assessments and audits
We serve numerous industries and have been honored to partner with some of the world’s leading pioneers like Disney, Google, Amazon, Microsoft, Netflix, Warner Brothers, Qualcomm and many more.
Deutsche Post DHL
|Technologies||Cybersecurity & Privacy||Cybersecurity & Privacy||Cybersecurity & Privacy||Cybersecurity & Privacy||Cybersecurity & Privacy|
|Industries||BuildingsOil & GasUtilities||AutomotiveChemicalsHealthcare & HospitalsMarine & ShippingMiningNational Security & DefenseOil & GasPharmaceuticalsTransportationUtilities||AutomotiveFinance & InsuranceHealthcare & HospitalsRetail|
|Functions||Process Manufacturing||Field Services|
|Services||Cybersecurity Services||Cybersecurity ServicesData Science ServicesSystem Integration||Cybersecurity Services||Cybersecurity ServicesTesting & Certification||Cloud Planning, Design & Implementation ServicesCybersecurity Services||Cybersecurity ServicesSoftware Design & Engineering ServicesTesting & CertificationTraining|
|Infrastructure as a Service (IaaS)||None||None||None||None||None||None|
|Platform as a Service (PaaS)||None||None||None||None||None||None|
|Application Infrastructure & Middleware||None||None||None||None||None||None|
|Analytics & Modeling||None||None||None||None||None||None|
|Cybersecurity & Privacy||Moderate||None||Minor||Minor||Moderate||Minor|
|Networks & Connectivity||None||None||None||None||None||None|
|Processors & Edge Intelligence||None||None||None||None||None||None|
|Automation & Control||None||None||None||None||None||None|
|Partners||Industrial Internet Consortium (IIC)|