• Vehicle Security Operations Center Header

    Vehicle Security Operations Center

    Integrated security solutions are the only way to reliably protect connected vehicles against cyberattacks. These have to take into account every possible risk scenario that might conceivably occur during the entire life cycle of the vehicle in order to develop and effectively implement reliable, risk-appropriate security mechanisms.
    New regulations and standards like UN Regulation 155 and ISO/SAE 21434 will require manfacturers and fleet operators to monitor incidents and risks of their vehicle fleets over the entire life cycle. One essential component is the ESCRYPT Vehicle Security Operations Center (V-SOC) as part of the holistic Intrusion Detection and Prevention Solution.

ESCRYPT delivers the Vehicle Security Operations Center as a managed security service tailored to the needs of the vehicle fleet, including the integration of event sources from vehicle fleets and vehicle backend systems. ESCRYPT’s V-SOC follows an open architecture approach and integrates all sensors in the vehicle that provide information relevant for cybersecurity monitoring.

This includes network-based intrusion detection for the CAN bus with ESCRYPT’s CycurIDS, automotive ethernet firewalls with ESCRYPT’s CycurGATE, host-based intrusion detection for Linux, QNX, and Android ECUs and support for the complex distributed IDS architectures of modern E/E architectures.

cycurl graphix

CycurGUARD as essential gatekeeper

ESCRYPT’s CycurGUARD enables analysis of data from the entire connected fleet to identify emerging threats. With the monitoring backend product based on big data analysis technologies, this component collects and analyzes anomaly reports of vehicles in operation. CycurGUARD reliably identifies acute threats, referring to an extensive and continually growing database of known attack patterns. Using ad hoc or pre-built reports helps to evaluate the safety and security of the connected fleet, identify changes, focus resources on problem areas, and get ahead of attackers.


Threat detection and threat intelligence

The threat landscape for connected vehicles is constantly being adapted as attackers keep innovating. This concerns all building blocks of a connected vehicle fleet: the vehicles themselves as well as the corresponding vehicle backend services. Threat detection makes sure to identify the attack early on and to take appropriate measures in order to restore the security level. Threat intelligence constantly acquires and compiles knowledge according to new practicable attack patterns implemented by dedicated tooling and ESCRYPT's Automotive Security Analysts. Specialized ESCRYPT Automotive Security Forensic Experts take over the Incident Response process and Security Analytics. Our partner NTT supports with a comprehensive honeypot infrastructure and 10+ threat intelligence sources combined with ESCRYPT’s automotive-specific public sources to establish a dedicated threat intelligence service.

Download PDF
analysis icon

ESCRYPT collaborates with NTT on Security Operations Center (SOC) infrastructure and services. This partnership unites NTT’s operational excellence and expertise in the area of SOC as a service with ESCRYPT’s deep automotive security know-how and trained automotive security analysts and specialized ESCRYPT automotive security forensic experts. With this partnership ESCRYPT and NTT provide customers a highly professional, market-ready and truly holistic solution.

Our partner NTT Security is one of the world’s leading companies in the operation of Security Operations Center, having 10 SOCs worldwide with 24/7 operation, 600+ security experts, and battle-proven SOC tooling and infrastructure. By combining the competences and expertise of both companies, the Vehicle Security Operations Center is delivered by ESCRYPT as a managed service tailored to the needs of the vehicle fleet.

Your benefits:

Advanced security analytics by ESCRYPT's automotive forensic experts

Combination of years of expertise and distinctive operational excellence from IT security by NTT and ESCRYPT‘s automotive cybersecurity expertise

Availability of as-a-Service solution including operation, monitoring, and response

Continuous monitoring of attacks in the field by market-ready and mature ESCRYPT and NTT solution components

10 established Security Operations Center ensure worldwide coverage and are available 24/7

Integration of and openness to all types of in-vehicle Intrusion Detection Systems (IDS)

Download whitepaper
ISO 9001:2015 Home