Leverage Our Expertise
Use our know-how to strengthen your security team
Research & Consulting
Think of Karamba as an extension of your security design team. Working in a variety of IoT sectors, our engineers specialize in creating cyber-protected products for today's connected systems. Having completed projects for over twenty systems involving various types of target devices, they can transform any objective into an actionable security plan, through an analysis of technical considerations, threat vectors, and vulnerabilities.
Our experts can also run training seminars and workshops for your security teams, so that they can apply the strategies & techniques necessary to protect your products and to assure compliance with cybersecurity standards such as ISO 21434 and UN R155.
The Threat Assessment & Risk Analysis (TARA) service examines your computer systems—from the cloud to the system and back. Our security experts analyze all hardware and applications to provide an in-depth analysis of the connected system’s risk and security posture. Detailed reports identify, prioritize and define cyber threat scenarios and recommend defense strategies for the lifetime of the device.
Defense Assessment for Connected Vehicles
Diving into the vehicle and cloud architecture, this service identifies potential vulnerabilities in vehicle components, including ECUs, bus networks, gateways, external connections, cloud applications and cloud-to-vehicle activity. After thorough analysis, our engineers provide mitigation steps—to minimize your security risks.
Code Review and Penetration Testing
Karamba penetration testing looks at the central components of connected systems. Our experienced red team tests possible exploits to determine where hackers could gain entry, and can also review your product’s source code thoroughly, to provide actionable insights.
To date, we've successfully completed two penetration testing projects with Karamba. In both cases, the researched systems contained several components (RTOS, Linux, Windows) and various communication protocols (Wi-Fi, Bluetooth, LAN). Overall, we were highly satisfied with Karamba's pen-testing process and delivered results. Karamba's process was delivered on time, and thorough, yielding significant security findings. Consequently, they allowed us to harden the cybersecurity of those products, improving the overall safety, quality, and value of our products to our customers.
Iftach Recht, System Engineering and Cybersecurity Manager (Stanley Healthcare Services, Stanley Black & Decker)
Karamba’s Secured Development training program provided a strong cybersecurity foundation for Aptiv’s engineering community worldwide. It provided technical best practices, threat and risk modeling, all within the current automotive regulatory framework of WP.29 and the ISO/SAE 21434 standard. Great work!
Kristie Pfosi, Director Cybersecurity, Aptiv
Our Tier 1 customer was developing a new automotive ECU in response to an OEM RFQ. The product needed to support Ethernet communication, and the timeline was very tight. With no set-up time, Karamba Research & Consulting was able to analyze the product capabilities and identify the possible security issues. Most importantly, the Karamba Research team determined how to mitigate the security risks in the ECU. They provided the customer with a comprehensive report, detailing threat scenarios and their security recommendations. The Karamba team also worked with the customer throughout the RFQ process to support interactions with the OEM.
Threat Assessment Use Case
Research & Consulting Advantages
Research & Consulting at a Glance
Understand the ECU threat landscape and gain actionable insights to leverage the expertise of a hands-on security team. Understand how hackers can gain control of ECUs and more.
Want to learn more?Contact Us
24 HaNagar Street
Tel: +972 9 88 66 113
41000 Woodward Ave
Building East, Suite 350
Bloomfield Hills, MI 48304
Tel: +1 248-574-5171
Landstr. 264, Munich
Tel: +49 172 3991 036