Protecting Critical Infrastructure

A trusted partner for your cybersecurity needs

We assist organizations manage cybersecurity risk, identify and remediate cybersecurity flaws, to make the right cybersecurity technology purchases, and prepare your organization to manage and respond to cybersecurity attacks.

Governance, Risk, Compliance

Measure and manage risk, identify critical assets, and increase compliance with our services – risk assessment, penetration testing, and audit services.

Policy & Procedures

Establish policies for your cybersecurity program with the right rules, processes, guidelines and exceptions tailored to your organization’s security objectives.

Awareness Training

Enable and empower your employees to protect your infrastructure with a carefully curated cybersecurity awareness program.

Our Track Record

Risk Assessment

Secure Design

Penetration Test

We help you transform your security posture.

To protect from evolving cyber threats.

Delivering Solutions with Lasting Value

We serve a wide range of industries. Our industry knowledge and experience will enable you to effectively deal with cyber threats.

Rail & Transit

Chemical

Mining

Education

Oil & Gas

Manufacturing

Utilities

Water

3waysecure Approach

Our approach is simple. We help you adopt holistic, pragmatic and sustainable security with fact- and intelligence-based strategic decisions.

Holistic, Pragmatic, Sustainable Security

Security must be holistic, pragmatic and sustainable to protect from evolving threats.

Information And Intelligence-led Decisions

Intelligence-led and information based approach empowers strategic decision making.

Personalized And Cost Effective Solutions

Solving problems unique to your business with personalized and cost-effective solutions.

Critical Vulnerabilities

SweynTooth Vulnerabilities

Severity: Critical

Summary

The vulnerability family titled “SweynTooth” is a collection of 12 vulnerabilities with the potential for more to be identified and released. These vulnerabilities are reported to affect at least seven different BLE SoC manufacturers utilizing various affected software development kits (SDK). According to the information released by the researchers, the BLE SoC manufacturers include Texas Instruments, NXP Semiconductors, Cypress, Dialog Semiconductors, Microchip, STMicroelectronics, and Telink Semiconductor. The vulnerabilities expose flaws in specific BLE SoC implementations that allow an attacker in radio range to trigger deadlocks, crashes, buffer overflows, or the complete bypass of security.

Affected Assets:

It is reported that smart-home devices, wearables, environmental tracking or sensing devices, and several medical and logistics products could be affected. The affected medical devices may include pacemakers, blood glucose monitors, and others using affected BLE SDKs.

Vulnerabilities in complex

Manufacturers affected

%

Chance of being affected

Mitigation Steps:

The BLE SoC manufacturers reported using affected software development kits (SDK) have issued the following user notifications or provided the following patches for device manufacturers. Additional notifications and patches are pending and will be updated as they become available.

Get A Free Consultation

Learn more about our services and solutions to protect your business.