Siemens CERT – The Industrial Security Specialists

 

The Siemens Cyber Emergency Readiness Team (CERT) was originally established in 1998 to protect internal IT infrastructure from attacks. Since then, our specialists have collaborated with leading university and industry partners to defend against current and future attacks and to protect existing infrastructures. Due to the increased security threat in the product environment, the independent ProductCERT has been in place since 2011. This team focuses exclusively on threats, attacks, and vulnerabilities in the Siemens product environment. ProductCERT centers its attention on the following three areas:

Vulnerability management

There is no such thing as permanent security. New security gaps and novel attack methods are constantly developing. Our vulnerability management closely tracks these developments to ensure that its security advice is always state of the art.

Incident handling

Incident handling is the point of coordination for current attacks in the facilities of Siemens' customers. This is where reports of problems are received (contact:productcert@siemens.com) and forwarded to the appropriate specialists for a solution. At the same time, an alert is issued to customers and partners that are potentially at risk.

Security tooling

Security tooling is responsible for developing and making available suitable security tools. The tools developed are divided into programs for detecting security gaps and for analyzing malware code as well as fuzzing tools for checking the security of input interfaces. In addition to these preventive measures, we also develop anti-virus programs for active defense against malware. These tools are integrated in the development processes so that particular vulnerabilities can be recognized in good time.