CONTACT US

    Cyber Security

    A SECURE IoT EXPERIENCE WITH X-BRAiN

    shape_not_found

    CYBER SECURITY

    X-BRAiN offers cyber security services for every component and deployment type that is needed to run your IoT application. This includes security services in the context of GDPR compliance, IAM, audit trails, network protection, operating system security, data encryption, mobile app security and Blockchain technologies which are applicable to public (cloud-based) deployments as well as private deployments. Moreover, X-CITE offers security audits for your enterprise applications.

    Get in touch with us for performing a security audit for your application.

    GET IN TOUCH FOR YOUR SECURITY AUDIT

    WHAT WE ASPIRE TO

    What we offer

    Value-oriented planning
    Step-by-step development
    Seamless integration
    Automated operation

    Our Mission

    Making IoT secure

    Our Vision

    We are developing X-CITE to be one of the leading Cyber Security providers in Europe. For large and mid-sized companies, we are the strategic partner for all services that are needed to run your IoT application – from the development of a strategy to final operation.

    Corporate Culture

    We are a technology company that continuously strives for excellence and drives forward innovation. Our work is customer-oriented and fast. At X-CITE, we are always striving to develop our expertise.

    AT A GLANCE

    OUR SECURITY SERVICES

    GDPR Compliance

    Each X-BRAiN service is fully GDPR compliant by implementing the

    • Right of rectification
    • Right of erasure
    • Right of data portability
    while following the single source of truth principle for data subject related entities.
    X-BRAiN is also implementing a solid baseline to meet PCI-DSS requirements.

    Identity Access Management

    Full authentication of incoming data by X-BRAiN micro services via JSON Web Tokens (JWTs) and exposed JSON Web Keys (JWKs).

    Full authorisation of incoming data using JWT payloads and Attribute Based Access Control (ABAC).

    • Google Cloud Identity Platform
    • Auth0
    • Azure AD (incl. B2C)
    • Forgerock, Keycloak
    • More on request

    Audit Trails

    Every incoming service invocation to X-BRAiN is logged in a central logging framework. A separate instance exists outside of X-BRAIN to log operations on platform level.

    Distributed Tracing is used to collect performance data to detect potential bottlenecks or failed invocations.

    • ELK, Google Cloud Stackdriver
    • AWS CloudWatch, Prometheus
    • Jaeger, AWS X-Ray

    Network Protection

    An ingress gateway is enforcing transport layer encryption, rate limiting and service routing while an egress gateway manages out- going connections via Istio policies.

    All operations are constantly logged and additional firewalls can be deployed.

    DDOS protection is applied to private deployments to prevent amplification attacks.

    Operating System Security

    The underlying operating system to run the X-BRAiN related Kubernetes master and workload nodes supports secure boot and integrity monitoring.

    In case non-ephemeral secrets are used, the secrets are protected via a Key Management System.

    In case of unknown, mainly Kubernetes based deployments, the authenticity of the deployed images is validated.

    Data Encryption

    All transport layer communication between the backend and frontend of X-BRAiN is encrypted following NIST guidelines.

    Systems storing and/or processing X-BRAIN related data must either apply full disk encryption or transparent encryption on operating system level.

    Optional: Zero Knowledge approach, End2End encryption

    Application of Blockchain

    The use of Blockchain technologies within X-BRAiN can be evaluated per use case, especially in the context of Smart Contracts.

    The preferred Blockchain Protocol is EOSIO. Other protocols like Ethereum, Lisk or Tron can be considered per use-case.

    The listed features are cross-validated with the Google Cloud environment.

    Implications on Mobile Apps

    Non ephemeral credentials, security relevant identifiers and Blockchain related keys are protected by iOS Keychain and Android Keystore.

    In case security relevant data is processed by the app or the user identity must be ensured before using the app, reauthentication (e.g. by using biometric identifiers) can be implemented.

    HOW WE WORK

    THE DIGITAL TRANSFORMATION

    IDEATE & ARCHITECT

    Value based Planning: <ul> <li>Strategy</li> <li>Governance</li> <li>RTO</li> <li>RPO</li> </ul>

    IMPLEMENT

    Interactive Development: <ul> <li>Development</li> <li>Prototyping</li> <li>Migration</li> <li>Automation</li> </ul>

    INTEGRATE

    Seamless Integration: <ul> <li>Hybrid Infrastructure</li> <li>API</li> <li>Orchestration</li> <li>Security</li> <li>Privacy</li> </ul>

    OPERATE

    Automated Operations: <ul> <li>AppOps</li> <li>SysOps</li> <li>DevOps</li> <li>SecOps</li> <li>FinOps</li> </ul>

    FOR ALL INDUSTRIES

    DISCOVER THE USE CASES

    /smart-agriculture/
    Smart Agriculture
    /smart-building/
    Smart Building
    /smart-industry/
    Smart Industry
    /smart-mobility/
    Smart Mobility
    /smart-city/
    Smart City
    /smart-healthcare/
    Smart Healthcare
    /smart-logistics/
    Smart Logistics
    /smart-environment/
    Smart Environment
    /smart-public-safety/
    Smart Public Safety
    Previous
    Next

    © 2024 by X-CITE S.A.

    Company

    Trust

    Follow Us