
Have you protected yourself from cyberthreats?

Interested in a laser-focused security analysis?
Walk through a brief set of questions and see how you fare.

1. Is your system able to detect behavior outside of its intended function?
Great, sounds like you’ve paid good attention to detail. Not many define the bounded behavior of their system that enables this detection.
You may want to consider defining the bounded behavior of your system to enable this type of detection.
2. Does your process provide for continuous monitoring of Common Vulnerabilities and Exposures (CVEs) for the third-party components used by your system?
Good work. This sort of monitoring will help keep legacy third-party products protected and also create additional safeguards around those reaching end-of-life.
You may want to consider adding this capability to ensure that third-party components stay up-to-date and protected; this is especially important for older legacy products that may be reaching or have reached end-of-life.
3. Is your system able to detect and respond to unauthorized physical access?
Kudos on your anti-tampering efforts. When a customer’s device is opened, an attacker can easily access critical data.
You may want to consider building up anti-tampering efforts to protect your data and intellectual property.
4. Does your system limit access to critical OS functions?
Nice job addressing issues of authorization and malicious software. Most systems have “*.*” access to the APIs of the OS, which is why ransomware is so rampant.
It seems you may need additional efforts around limiting access to critical OS functions.
5. Have you encrypted data at rest to help protect your intellectual property from being reverse engineered?
Great work in setting some protections around confidentiality of data at rest.
You may want to consider setting some protections regarding confidentiality of data at rest.
6. Does your system verify the integrity of its configuration files prior to processing them?
Good, you’ve done some work to maintain the integrity of data at rest.
Without the right protections, you may be compromising the integrity of data at rest, which can cause your system to be used for nefarious purposes.
7. Does your system take advantage of its hardware-driven secure boot mechanisms?
Nice. It seems you have a good understanding and awareness of your hardware and the benefits of its secure boot functionality.
You may want to gain a deeper familiarity with your hardware and check whether secure boot mechanisms are available to ensure that the critical hardware root of trust is established in your system.
8. Does your system have a software-driven, trusted boot process that performs digital signature verification and symmetric decryption and is able to support your boot time performance?
Great, you’ve thought through the impact of security on your startup requirements. This is one way to help protect your IP.
Consider ways to better protect your IP. You may want to take another look at the impact of ensuring that your system starts with authenticated software.
9. Does your system separate its major functions using operating system mechanisms such as tasks, real-time processes, containers, processes, or partitions?
Good work. You understand that partitioning can help in the separation of function. Structuring an application as a generic mass of software doesn’t typically provide much benefit and is something to avoid.
Structuring an application as a generic mass of software doesn’t typically provide much benefit and is something to avoid. Partitioning can help in the separation of function and in protecting against the impact of a system being hacked.
10. Once notified of a significant security event or breach, does your system provide for a rapid clearing of critical information?
Great, sounds like cryptographic sanitization is an important matter for you. It is ideal to organize and design the protection of information in such a way that it can be quickly sanitized.
You may want to further organize and/or design the protection of your information in such a way that it can be quickly sanitized.

Your System’s Security Profile

Thanks for taking our survey. Here’s a high-level snapshot of how you fared.