Business Publication

Bureau Veritas partners with Onward Security Corporation to launch Security Assessment Service in Taiwan

2 déc. 2015

Bureau Veritas partners with Onward Security Corporation to launch Security Assessment Service in Taiwan

Taipei, Taiwan, 2 December, 2015 – Bureau Veritas, a global leader in testing & certification of technology products, and Onward Security, a leading brand in security assessment solutions, have partnered to offer network product security assessment solutions. 
There are many publicly available research reports available covering the challenges around information security; some chart the cost per data breach at around $4 million USD per company, others that 70% of all organizations will experience a breach in 2015. Understandably, consumers, board members and the C-suite are no longer ignoring the dramatic impact a data or information breach has on company reputation, never mind the bottom line or opportunity cost. 
As such, an all-embracing approach to product security is essential to the safe and secure operation of an organization’s information technology (IT) systems. By applying techniques such as penetration test, reverse engineering and fuzzing test; organizations can identify and assess the vulnerabilities of their products, and ultimately systems and networks, and take steps to improve their overall security. In support of this increasing challenge, Bureau Veritas and Onward Security’s portfolio of security assessment services includes: 
Vulnerability Assessment 
• Identification, quantification, and prioritization (or ranking) of the vulnerabilities in an IT system or product. 

Penetration Test 
• A planned software attack on a computer system in a test environment that assesses security weaknesses, potentially gaining access to the computer's features and data helping determine:
   o whether a system is vulnerable to attack
   o if the defenses were sufficient, and, 
   o which defenses (if any) the test defeated.
Fuzzing Test 
• The provision of invalid, unexpected, or random data to the inputs of a computer program. The hardware/software is then monitored for exceptions such as crashes, failing built-in code assertions or potential memory leaks.

Denial of Service Test 
• A series of tests with the objective of verifying that the servers aren't susceptible to a denial of service attack. A common test is to simulate the saturation of the servers through sending vast amounts of requests to the web application. 
Mr. Lancelot Su, Vice President of Bureau Veritas CPS in Taiwan stated, “Both technology product designers/manufacturers, as well as users such as telecoms carriers and retailers in Asia, will benefit from our new security assessment solution. We have played an important role for type approval certification for Electrical and Electric products for many years. However, with the rapid growth of Network and Internet of Things devices, the need for stronger information security has become more varied and complicated. Taiwan’s National Communications Commission (NCC) expects that by the end of 2015 there will be technical standards to assess against for software built in mobile phones to better safeguard consumers’ personal information and privacy. Our co-operation with Onward Security Corporation complements our total solution and will further enhance our customers’ device security and stability.”
Mr. Morgan Hung, General Manager of Onward Security Corporation added: “The global manufacturer of networking products is facing a continuing and serious challenge around information security. We have many years’ experience with professional information security assessment skills and experience. We have successfully assisted several local and overseas manufacturers/ suppliers to improve their product quality and information security, reduce repair costs, as well as help meet relevant foreign regulations & information security requirements. Under our partnership with Bureau Veritas, we are integrating and optimizing the resources from both companies to provide both security and quality assurance to manufacturers and users of networking products.”

- End -