Onward Security: Connected Devices, Secured

In the IoT era, device manufacturers are strongly promoting network-enabled products while trying their best to shorten their time-to-market. In their effort to speed up product development, few blind spots in data protection indomitably arrive. These blind spots put devices under security vulnerabilities, which are often discovered by hackers, harm consumer privacy, and lead to litigation that damages business reputations and brand image. Considering this challenge in the marketplace, Onward Security, a company dedicated to cybersecurity compliance solutions for connected devices, envisions to create a secure network environment and help manufacturers solve cybersecurity issues with network-enabled products for the IoT world. In the words of Morgan Hung, CEO of Onwards Security, “We help firms implement DevSecOps procedures and effectively meet international standards and customer requirements on cybersecurity.”


We envision to create a secure network environment and help manufacturers or brands solve cybersecurity issues for the IoT world,” says Morgan Hung. (on the right)

To effectively incorporate DevSecOps and ensure compliance with cybersecurity requirements along with lowering the threshold for customers and accelerating the time taken, Onward Security has developed HERCULES SecFlow and SecDevice. These are automated product security assessment platforms with AI and ML features. HERCULES Secflow is a product security management system aimed to address customers’ needs concerning security regulations. It enables information sharing and coordinates collaborations among the development team, data security team, and operation team, and helps customers build DevSecOps practices while ensuring each development step compiles with cybersecurity rules. On the other hand, HERCULES SecDevice is an automated vulnerability assessment tool designed to address the timeliness issue of DevSecOps in product development and inspection. SecDevice performs quick and precise vulnerability scanning and testing on the finished products by simulating cyber attacks, thereby allowing a thorough check on cybersecurity during product development and before entering the market.

The numerous international acclaims and accolades received by the state of the art platforms stand testimony for the effectiveness of their deployment. For two years in a row, SecFlow and SecDevice have won Infosecurity Product Guide’s gold awards for Security Information and Event Management (SIEM), and IoT security as well as CyberSecurity Awards’ gold awards for Vulnerability Management and Incident Response, Embedded Security and ICS/SCADA Security. Additionally, SecFlow and SecDevice have also bagged the 2020 InfoSec Awards named SecFlow Best Product in the Incident Response and Vulnerability Management categories and SecDevice Next Gen Product in the IoT Security and ICS/SCADA Security categories.

Besides providing such best in class solution platforms, Onward Security goes the extra mile to help the clients fulfill their cybersecurity needs with top-notch services that include enterprise security, product security, and consulting services. In the case of enterprise security, the company provides step-by-step services such as penetration testing, IT security services and solutions, and IIoT security assessment services. With penetration testing, Onward Security assists enterprises in validating and testing the security strength of the internal and external systems to find out the security threats and potential issues and provides the full security assessment report for improvement.

The identified security threats of the internal and the external systems are located and solved through IT security services and solutions. Further, the company provides custom-made assessment services and training for its customers. Finally, the IIoT security assessment services of Onward Security assists the clients with architecture review, source code review, and DoS/DDoS Test, and also provides assessment and training services on app security, device security, and network security.

The product security services of Onward Security, adopting a holistic approach to addressing security vulnerabilities of a product, branch out as product security assessment services and hardware hacking services to attend to the software and hardware security threats, respectively. In product security assessment services, the company provides its customers with a total solution for the device life-cycle security development ranging from the requirement analysis, designing process, program development, and security testing to environment establishment. Besides, Onward Security introduces the client to related security services and products and assists them in acquiring software security development abilities to comply with regulations. The company, considering that the hardware vulnerabilities can be exploited to retrieve the sensitive information from the flash storage and get the shell from insecure hardware interface, offers the hardware hacking services to help its clients ensure product security from the hardware level, including interface and storage to meet the industrial and clients’ requirements.

Having delivered services in the enterprise and product level, Onward Security offers compliance and certification services to help the clients establish the security management system and evaluate the maturity level of the secured development to reduce the security risks and events. The company, along with a third-party security audit, also provides compliance improvement services to help its clients get international security certificates.

Onward Security also has an international-grade testing lab accredited by various cybersecurity standards. The company possesses the first CTIA authorized cybersecurity test lab in Asia and the only authorized lab in Taiwan for device testing and security assessment for Amazon Alexa built-in products that distinguish the company from its competitors. The security lab has been recognized with the accreditation of ISO 17025. It has assisted customers in the finance, transportation, and medical industry by performing penetration testing, security check, and diagnosis, and inspection for mobile app, video surveillance systems, and IoT devices. “We found out whether there’re vulnerabilities in the systems, provided assessment reports, and assisted the customers in solving the cybersecurity weakness, and meeting compliance requirements,” says Hung.

Onward Security, constantly challenging new cybersecurity detection technology and exploring new solutions, strives to improve the quality of cybersecurity for industries. With this adventurous attitude, the company moves towards the future, looking forward to global expansion from 2021 and aims to score at medical and in-vehicle markets. “We envision to create a secure network environment and help manufacturers or brands solve cybersecurity issues for the IoT world,” concludes Hung.