Cyber-risk assessments should be conducted at least once a year or whenever significant changes occur with your business, your IT estate or your legal or regulatory environment. This engagement helps inform decision-makers, supports your risk responses and improves spending efficiency and cyber-resilience.
Helping you build secure embedded systems, from software to the supply chain.
BlackBerry QNX Security Services
- Our Expertise
- Our Technology Advantage
Our Technology Advantage
BlackBerry QNX Security Services
OverviewFor more than 35 years, BlackBerry has been synonymous with security. Let our team of embedded system security experts help you evaluate software assets to identify vulnerabilities and recommend specific remediation actions. From penetration testing to a holistic appraisal of your company’s security posture, our professional services team can assess and address security issues with your processes or products at every stage of your software development lifecycle.
Our ExpertiseOur security services are built on our expertise with embedded systems and long history of proven security experience. We help organizations assess the security of their code, both in development and in the field. Let our team of experts help you thwart cyberattacks, take advantage of emerging opportunities and overcome the technical limitations that are unique to embedded systems.
Our Technology AdvantageMany of our security service offerings rely on BlackBerry® Jarvis®, a cloud-based software composition analysis solution that blends system exploration technology and professional services to provide powerful capabilities for examining complete software products for security vulnerabilities. Because BlackBerry Jarvis extracts characteristics and attributes from compiled binaries, access to source code is not required to gain insights into the final product.
Predefined Security Service Packages
Open-Source Software Assessment
Software Security Assessment
WP.29 Readiness Assessment
The upcoming WP.29 regulation places an obligation on OEMs to be certified in order to release vehicles into markets covered by the United Nations Economic Commission for Europe (UNECE). This assessment service helps with compliance to the regulation by helping you understand conformity levels, your cybersecurity posture and the risks you may face.Read the datasheet
Security Control Maturity Assessment
We will help you develop or enhance your governance strategy, identifying maturity levels to pinpoint weaknesses. Understanding the maturity, the environment, your threats and risk will help you effectively prioritize remediation, manage resources, allocate spending and accelerate projects.
Policy or Documentation Review
We can help you build a systematic approach to complying with security expectations, laws and regulations. This review will inform your team of their duties by outlining procedures for collecting, storing and processing data. We will assist you in creating net-new policies, update current policies or recommend better compliance processes.
With an increased focus on “security by design” and an increase in connectivity in the IoT and embedded spaces, you need to understand how to adopt security practices within your development team. Our threat modelling capability provides a clear view of cyberthreats, enables measurement of security initiatives, presents trends and provides pragmatic evidence of the vulnerabilities and required mitigations.
Product IoT Strategy and Governance
Your cybersecurity plans should keep your organization, partners, customers and supply chain secure while still aligning with your wider business objectives. We assess your vision, resources, unique characteristics and security/data protection by design approach, then provide you with a roadmap, strategy and steps to reach your goals.
Third-Party Security Risk Management
Third-party security risk management assesses financial, operational, regulatory and cyber risks resulting from doing business with third-party vendors. We investigate the quality of open-source software and that from vendors and help you formulate the right processes to assess and interact with vendors.
Insider Threat Management
Insider cyberattacks are a leading risk for organizations. And the growing complexity of IoT and embedded networks can introduce the possibility of accidental threats by well-meaning insiders. We assess your vulnerability to insider threats and provide an analysis and set of recommendations for protecting your organization.
Hardware or Software Reverse Engineering
Reverse engineering involves dissecting a device to examine and test your firmware for security vulnerabilities. This service helps you understand how a device is built, its connections and how to manipulate the hardware or software for additional access and control.