Cyber Security Tools

Product overview

Features

  • Automation Test

    The tool supports one-click testing.Users can select appropriate penetration function items and configure parameters based on the test object and test purpose.

  • Real-time Monitoring During Test

    The tool supports real-time display of message data on CAN bus channels, which is convenient for positioning and analysis during the test.Users can filter, store or clear messages.

  • Four Test Subsystems

    Hardware Security, In-vehicle Communication Security, External Communication Security, Software System Security

  • Compliance Testing Sevice

    Data Security Compliance Package, Automotive Software Security Upgrade, R155/Technical Requirements for Vehicle Cybersecurity, 40855/40856/40857

Value advantage

  • Function items are automatically generated

    The tool embeds the penetration function item, from the execution of function items to the generation of test reports, and fully realizes the automatic operation. At the same time, it provides a system test method that can be followed to ensure that key steps in the test process are not ignored, thus saving test time.

  • E2E、SecOC

    The tool complies with the AUTOSAR specification, supports simultaneous simulation of the sending node of synchronous messages and the sending/receiving node of secured messages; supports multiple MAC encryption algorithms, provides a high degree of freedom in parameter configuration, and supports tampering with secured messages and replaying.

  • Customizable product forms

    Supports cabinet, laptop, and other formats to adapt to different testing scenarios

  • Customizable test cases

    Allows customizing test case parameters and packages for tailored testing

  • Compliance testing service support

    Built-in with multiple compliance standard test case packages, such as R155

  • Dynamic Secure Version Recommendation

    Provides dynamic solutions, recommending upgrades to the secure version closest to the user's current version to ensure compatibility. If multiple vulnerabilities belong to the same compositions, a unified version will be recommended for repair.

  • Flexible User-Built Dependency Library

    Supports enterprises in independently constructing vulnerability databases and open-source software knowledge bases. The tool can promptly detect whether a project has introduced a specific dependency or vulnerability. Also, it provides an open API that supports flexible customization.

  • Full-Scale Composition Firewall

    Users can set rules based on vulnerability risk levels, licenses, and compositions white/blacklists, automatically preventing risky compositions from entering private repositories to avoid problematic compositions from entering the software development lifecycle."

  • High-efficiency Agile Development

    Supports discovering code issues during the coding process and locating them down to the line, quickly providing repair suggestions. It performs automated policy execution based on user-defined rules during the build phase, timely blocking to achieve shift-left security.

  • Highly customizable

    The tool not only supports multiple attack methods on CAN bus, but also supports users coding according to their own needs. The tool supports custom test report templates, and can provide multi-dimensional system security analysis based on customer needs.

  • Multiple Hardware Vendors

    The tool supports mainstream hardware devices such as Vector, TOSUN, and also support more hardware devices of other manufacturers according to customer needs.

  • Automatic generation of test reports

    Test reports are auto-generated and provided with relevant remediation recommendations

  • Third-party tool integration

    Supports third-party tool integration based on customer requirements

  • Data Visualization Workspace

    Provides management teams with a visual display of the entire enterprise's open-source assets, accurately grasping used open-source compositions, open-source vulnerabilities, vulnerability change trends, and more. This aids in intuitive statistics collection and helps businesses manage their security assets.

  • Real-time Monitoring and Precision Push

    Monitors open-source software vulnerability intelligence in real time, linking related projects of the user to ensure timely responses. Provides configurations for email and DingTalk transaction tracking tools for targeted reminders and precise issue information push notifications.

  • Protocol Modeling, Full StateMachine, Full Field Coverage

    For each protocol, the tool uses protocol modeling to build test cases, thereby ensuring100% coverage of protocol state machines and fields.

  • Automatic Test Case Generation, Based on Black Box Testing Principle

    The tool uses a black-box testing approach, with no need to access the source code during use. The tool embeds test scripts, from test case generation, management, execution, to report generation, fully automating the operation.

  • Public Test Cases, Facilitating Problem Location and Replication

    Every test case of the tool is open to users. Users can view the interaction flow and specific content of test case packets and how exceptional cases are generated.

  • Supports Server-side and Client-side Bidirectional Testing

    The tool provides bidirectional testing for some specific protocols from both server and client side, ensuring complete coverage of protocol packets.

  • High Customizability

    Users can add and customize based on the existing protocol templates or rules of the tool, meeting the feasibility depth requirements of fuzz testing. Supports customized test report templates, providing multidimensional system security analysis based on customer needs.

  • Supported Standards

    N/WP29 R155, T/GHDO 89.2-2022, 20214422-Q-339, GB/T 40861-2021, GB/T 40857-2021, GB/T 40856-2021

Typical applications

  • Vehicle Manufacturers

  • Component Suppliers

  • Inspection Agencies

  • Vehicle Manufacturers

  • Component Suppliers

  • Automobile Manufacturers

  • Software Developers

  • Financial Industry

  • Inspection Agencies

  • Vehicle Manufacturers

  • Component Suppliers