Services

SERVICES FOR MODERN NETWORKS.

In the IoT era, where connected devices are controlling more critical aspects of our lives, a new approach to security services is required to enable a safe and secure future.

Finite State is proud to offer comprehensive security services that cover traditional IT as well as IoT and connected devices.

SUPPLY CHAIN SECURITY SERVICES: TRANSPARENCY IMPROVES SECURITY

At Finite State, we believe that cybersecurity should ultimately be viewed through the lens of risk management, and that increased transparency into IoT and connected devices is critical to achieving better security for everyone. We offer

SUPPLY CHAIN RISK ASSESSMENT

Assess the fundamental risk factors affecting each of the IoT devices that you have deployed or are considering deploying. Annual subscriptions are available to make these services part of your standard procurement process.

The Finite State Supply Chain Risk Assessment is a robust risk analysis of IoT devices across your organization, which provides insights into vulnerabilities, hard-coded credentials, and other code hygiene issues.

VULNERABILITIES

Finite State analyzes firmware deep inside IoT devices, uncovering all of the software subcomponents and libraries which are installed. With this, we produce a comprehensive, accurate list of all of the vulnerabilities (CVEs) which exist within the device. While others promise visibility, Finite State deep dives into the underlying vulnerabilities lurking in the firmware.

CREDENTIALS AND CRYPTO MATERIALS

Finite State provides insights into all of the credentials and crypto materials which are present in the firmware, including hard-coded passwords, SSH keys, authorized_keys files, host keys, and SSL certificates.

CODE HYGIENE

Most IT professionals are familiar with the Secure Software Development Life Cycle (S-SDLC), an overall development methodology for building more secure applications. Finite State analyzes the firmware inside your connected devices to discover if the manufacturer is properly applying security best practices. We examine the embedded binaries for multiple indicators of code hygiene, including memory corruptions, code complexity, and component age.

VALIDATED SECURITY ASSESSMENT

Intensive security assessment of select, high-impact devices, potentially uncovering backdoors and zero-days.

The Finite State Validated Security Assessment includes all aspects of the Supply Chain Risk Assessment, plus additional security analysis that may include explicit discovery of potential backdoor accounts, manual review for 0-day vulnerabilities, a detailed survey of static cryptographic materials, and expert commentary around these findings, including suggested mitigation steps.

VULNERABILITY REMEDIATION ASSISTANCE

Management of the vulnerability disclosure process with the manufacturer and ICS-CERT.

A deeper look into connected devices often turns up 0-day vulnerabilities. We will partner with you to disclose findings to device manufacturers, providing incentive for them to release software updates which fix the issues. Finite State will follow a responsible disclosure lifecycle, reporting each vulnerability to the manufacturer and to other relevant parties such as ICS-CERT.

MANAGED SECURITY SERVICES FOR THE IOT ERA

Finite State offers managed security services to defend your entire network, including IoT and other connected devices — including medical, industrial and 5G networking gear — from increasingly sophisticated cyber threats. Our flexible approach to network, data, and device security means you can customize our offerings to meet your unique needs.

We’re proud to offer the following services & benefits:

  • 24x7x365 Security Operations Center (SOC)
  • Incident response and handling
  • Vulnerability management—including for IoT and other connected devices
  • Professional Services and technology support
  • Comprehensive cybersecurity, including IoT, medical devices, other connected devices and emerging technologies

Our services are purpose-built for organizations that are overwhelmed with managing their information security architecture to protect their data, their employees, and their customers.

OPERATIONAL EXCELLENCE

Our program ensures that only the best technologies are chosen, proper training is deployed to employees, and operational processes are in place. We cover your entire environment, from traditional IT devices like laptops and servers to IoT devices like cameras and smart TVs to industry-specific connected devices.

Assess Your Risks

We automatically identify what’s on your network, including what’s buried inside your IoT and connected devices, to truly understand the risk associated with your network.

Monitor 24x7x365

With 24×7 Monitoring and change management we can continuously ensure systems are up and configured according to requirements.

Hunt Threats

With the latest technology and tools, we proactive monitor and hunt for threats on your network

Investigate & Respond

Our team of experts does root-cause analysis and takes action to help keep your network secure.

Contact Us