CYBER SECURITY

X-BRAiN offers cyber security services for every component and deployment type that is needed to run your IoT application. This includes security services in the context of GDPR compliance, IAM, audit trails, network protection, operating system security, data encryption, mobile app security and Blockchain technologies which are applicable to public (cloud-based) deployments as well as private deployments. Moreover, X-CITE offers security audits for your enterprise applications.

Get in touch with us for performing a security audit for your application.

WHAT WE ASPIRE TO

What we offer

Value-oriented planning
Step-by-step development
Seamless integration
Automated operation

Our Mission

Making IoT secure

Our Vision

We are developing X-CITE to be one of the leading Cyber Security providers in Europe. For large and mid-sized companies, we are the strategic partner for all services that are needed to run your IoT application – from the development of a strategy to final operation.

Corporate Culture

We are a technology company that continuously strives for excellence and drives forward innovation. Our work is customer-oriented and fast. At X-CITE, we are always striving to develop our expertise.

AT A GLANCE

OUR SECURITY SERVICES

GDPR Compliance

Each X-BRAiN service is fully GDPR compliant by implementing the

  • Right of rectification
  • Right of erasure
  • Right of data portability
while following the single source of truth principle for data subject related entities.
X-BRAiN is also implementing a solid baseline to meet PCI-DSS requirements.

Identity Access Management

Full authentication of incoming data by X-BRAiN micro services via JSON Web Tokens (JWTs) and exposed JSON Web Keys (JWKs).

Full authorisation of incoming data using JWT payloads and Attribute Based Access Control (ABAC).

  • Google Cloud Identity Platform
  • Auth0
  • Azure AD (incl. B2C)
  • Forgerock, Keycloak
  • More on request

Audit Trails

Every incoming service invocation to X-BRAiN is logged in a central logging framework. A separate instance exists outside of X-BRAIN to log operations on platform level.

Distributed Tracing is used to collect performance data to detect potential bottlenecks or failed invocations.

  • ELK, Google Cloud Stackdriver
  • AWS CloudWatch, Prometheus
  • Jaeger, AWS X-Ray

Network Protection

An ingress gateway is enforcing transport layer encryption, rate limiting and service routing while an egress gateway manages out- going connections via Istio policies.

All operations are constantly logged and additional firewalls can be deployed.

DDOS protection is applied to private deployments to prevent amplification attacks.

Operating System Security

The underlying operating system to run the X-BRAiN related Kubernetes master and workload nodes supports secure boot and integrity monitoring.

In case non-ephemeral secrets are used, the secrets are protected via a Key Management System.

In case of unknown, mainly Kubernetes based deployments, the authenticity of the deployed images is validated.

Data Encryption

All transport layer communication between the backend and frontend of X-BRAiN is encrypted following NIST guidelines.

Systems storing and/or processing X-BRAIN related data must either apply full disk encryption or transparent encryption on operating system level.

Optional: Zero Knowledge approach, End2End encryption

Application of Blockchain

The use of Blockchain technologies within X-BRAiN can be evaluated per use case, especially in the context of Smart Contracts.

The preferred Blockchain Protocol is EOSIO. Other protocols like Ethereum, Lisk or Tron can be considered per use-case.

The listed features are cross-validated with the Google Cloud environment.

Implications on Mobile Apps

Non ephemeral credentials, security relevant identifiers and Blockchain related keys are protected by iOS Keychain and Android Keystore.

In case security relevant data is processed by the app or the user identity must be ensured before using the app, reauthentication (e.g. by using biometric identifiers) can be implemented.

HOW WE WORK

THE DIGITAL TRANSFORMATION

IDEATE & ARCHITECT

Value based Planning: <ul> <li>Strategy</li> <li>Governance</li> <li>RTO</li> <li>RPO</li> </ul>

IMPLEMENT

Interactive Development: <ul> <li>Development</li> <li>Prototyping</li> <li>Migration</li> <li>Automation</li> </ul>

INTEGRATE

Seamless Integration: <ul> <li>Hybrid Infrastructure</li> <li>API</li> <li>Orchestration</li> <li>Security</li> <li>Privacy</li> </ul>

OPERATE

Automated Operations: <ul> <li>AppOps</li> <li>SysOps</li> <li>DevOps</li> <li>SecOps</li> <li>FinOps</li> </ul>

FOR ALL INDUSTRIES

DISCOVER THE USE CASES

© 2024 by X-CITE S.A.

Follow Us