Viettel IoT Security Assessment (Viettel Cyber Security)

Additional Info

CompanyViettel Cyber Security Company
Websitehttps://viettelcybersecurity.com/
Company size (employees)100 to 499
Headquarters RegionAsia

Overview

– Type of solution: Service
– Year this product or service was first introduced to the market: 2021
– Year the current version of this product or service has been released: 1.0
– Summarize the most important features and benefits of this product or service:
In 2021, Viettel Cyber Security (VCS) first introduced IoT Security Assessment Services which is a form of assessment whether clients’ IoT devices and systems contain vulnerabilities. During its operations, VCS has researched and owned 50 zero-day vulnerabilities on various application platforms such as Microsoſt, Zimbra, Facebook, Paypal, etc. We investigate and respond to numerous attacks from big APT group in the world such as: MgBot, Cobalt, Turla Group, APT29, APT32, Winnti, Mofang, Lotus Panda, etc.
Our IoT Security Assessment process is the combination of: IoT Devices and system vulnerability assessment; A checklist of vulnerabilities and impact of them; solutions to fix the vulnerabilities. We are proud of over one hundred ethical hackers who are trained to replicate the mind of a malicious attacker and use an exhaustive set of tools to perform and imitate this mindset.

How we are different

– Team of leading cybersecurity staffs and experts: Our staffs are not only in hall of fame of the most biggest technology companies in the world such as Microsoft, Oracle, Bugcrowd, ZDI, Facebook,... but also successful in ZDI's Pwn2Own continuously over the year 2020, 2021 and 2022, especially we are the winners in many category in the IoT season of Pwn2Own 2022. During its operations, Viettel has researched and owned nearly 400 zero-day vulnerabilities on various application platforms such as: Microsoft, Zimbra, Facebook, Paypal, etc. Our In-house project execution team has internationally recognized qualifications such as Winners of Pwn2Own 2020, 2021, 2022; Top 5 of BugCrowd researchers; Top 30 in Microsoft’s MSRC Most Valuable Security Researchers 2019-2021 and more.
– Professional process: Our service uses protive process which is completed and double checked by QA team until the audit results and assessment of remediation no longer contain errors. It is also recorded and captured for reporting when completing. The client can participate in the process to monitor and follow the whole process.
– A variety of security popular tools: Thanks to important results in 10-year pentest providing, we have a lot of experience in many key projects and big bugbouty programs, thus owning big data of new technical for IoT vuln fuzzing and exploit. Regarding client’s request, our team use a variety of security popular tools which are mature and adaptable to most real cases in orgarnizations, especially, we use some in-house tools, such as Viettel Threat Intelligence, an in-house development tool, a big data source providing Intelligence about all kinds of cyber threats and Viettel 1-day scanner which we build a list of exploitation codes, package into a single tool to automatically scan, detect vulnerabilities and exploit.