According to the information security evaluation system and the specific needs of customers, the security applications and functions adopted by customers are verified to ensure that the security applications in the tested objects can play their functions normally, and the vulnerabilities or logic hidden dangers in the security functions can be found.
By simulating the techniques and methods of malicious attackers, the security control measures of the target system are frustrated, corresponding information and permissions are obtained, and a security test and evaluation method with hidden security risks of business impact consequences is found.
Through information collection, threat modeling, threat analysis, scheme formulation, test execution, test report and other main processes, complete the overall security assessment of the tested object.
To build compliance testing capabilities for all types of standards issued by the CAAC.
At present, safety test system and scheme construction have been carried out for the following safety-related standards to help customers better cope with the compliance test that has come or will come:
TICPSH, as one of the member units of automobile information safety standards Group, closely follows current events and the trend of standards, closely promotes the in-depth and expansion of compliance testing capabilities, establishes information safety testing system, and improves the quality of safety testing services.