Cybersecurity testing: Building a "firewall" in the digital age
Under the wave of digital transformation, cybersecurity has become the cornerstone of corporate survival. A vulnerability attack may lead to data leakage, business interruption,
and even brand reputation collapse. Cybersecurity testing is like a "physical examination", which can detect system risks in advance, ensure compliance, and reduce risk costs.
It is a "stress test" for technical defense and a must for digital transformation of enterprises. Cybersecurity testing is not a cost, but an investment.
In today's increasingly complex threats, active defense can win the future.
Cybersecurity regulations in major countries/regions around the world
| Country or region | Regulations and standards | Effective time | Scope |
| EU | EU 2020/30 3 (3) (d/e/f) | 2025/8/1 | IoT devices under the RED directive, such as smart homes, mobile phones, wearable devices, etc., but do not include products under other specific directives, such as automobiles, medical devices, civil aviation and railway related systems. |
| ETSI EN 303 645 | Voluntary | Consumer IoT Products | |
| UK | PSTI | 2024/4/29 | The vast majority of consumer IoT products, such as smartphones, smart home appliances, smart home assistants, wearable fitness trackers, outdoor leisure products, connected children's toys and baby monitors, etc., but do not include desktop and laptop computers, vehicles, smart meters, electric vehicle charging points and medical devices. |
| USA | IoTs Cybersecurity Improvement Act H.R. 1668, No. 116-207 | 2020/12/4 | IoT devices (primarily those used by the federal government) |
AB 1906/SB 327 Act HB 2395 Act | 2020/1/1 | Networking products for sale | |
| NIST IR 8259A Core Benchmark for Cybersecurity Capabilities of IoT Devices | Voluntary | IoT devices | |
| NIST IR 8425 IoT Core Baseline for Consumer IoT Products | Voluntary | Consumer IoT Devices | |
| Singapore | Home Router Network Security Requirements IMDA TS RG-SEC | 2021/4/12 | Home routers and home gateways |
Cellular equipment protection network Singapore storm safety requirements IMDA TS CD-SE | 2023/1/2 | Cellular devices | |
| Cybersecurity Labelling Scheme CLS | 2020/3/1 | Level 1: Home routers and gateways are mandatory requirements. Other IoT products are voluntary, such as IP cameras, smart door locks, smart lights, and smart printers. | |
| Japan | Amendment to MIC Article 34-10 | 2020/4/1 | Uses Internet Protocol and configurable dedicated communication line terminal equipment, including routers, web cameras, etc. |
| Brasil | Telecommunications Equipment Cybersecurity Requirements Act Act 77/2021 | 2021/7/1 | All terminal equipment and telecommunication network infrastructure equipment that sends/receives data via the Internet. |
| CPE Equipment Cybersecurity Requirements Act 2436/2023 | 2024/3/10 | Cable modem xDSL modem Optical network unit (ONU) Optical network terminal (ONT) Router or modem for fixed wireless access Router or modem for fixed broadband access via satellite Wireless router or access point |
Services we provide
Basic service package
1. Provide technical consultation, interpretation and training services for various regulations;
2. Provide certification reports and certificates for EN18031 standards for IOT products;
3. Provide network security rectification services for IOT products to ensure that they meet the requirements of GDPR, RED, PSTI and other regulations.
Value-added service package
1. Provide guidance services for the establishment of network security laboratory systems for enterprises that need to build their own internal laboratories;
2. Provide network security automated testing software and equipment for R&D teams that need to conduct self-inspections in advance;
3. Provide emergency response services, penetration testing, auxiliary security operations and other services.
Our advantages
Less: Relying on professional network security capabilities, the information that customers need to submit for the certification report is reduced from 86 items to about 15 items.
We conduct threat modeling analysis on the product in advance, and only require users to submit a small amount of necessary information;
Fast: Relying on automated evaluation technology, the certification report cycle is shortened from 3 months to 1 month. Based on the automated tools developed by us,
50% of the test items can be automatically completed;
Expert: Led by the industry's top experts, with 11 years of industry experience, and professional certificates such as senior penetration test engineer,
senior network information security engineer, and senior software test engineer.
