TrustPort, a.s.   Czech Republic

Profile

TrustPort is a security solutions developing company from the heart of Europe. Our mission is to secure and protect the data and the communications of our customers all around the globe. We provide tools to protect against known and unknown threats, for both home users and large enterprises as well as security services. Our security solutions are comprehensive products which include continuously developed antivirus and encryption technologies, anti-spam methods and anomaly behaviour monitoring AI techniques. We develop them with the outstanding know how of our experienced analysts and the newest cutting edge technologies and methods. With our products, your computer, or your whole company network, will be secured and protected against all modern cyber threats.

TrustPort brings into AQUAS its strong experience in security areas mainly focusing on assessment of security requirements for ensuring safety, performance and security of validated systems. We have strong experience in security services, such as penetration tests, security and compliance audits based on various standards (ISO 27000 family, ISA/IEC 62443, NERC CIP 002-009, NIST Guide to ICS Security, etc.) and wide internal know-how. Our specialized tools provide deep analysis of operating systems and communication between systems based on artificial intelligence.

TrustPort within the Czech consortium will exploit its rich expertise in malware detection, ICS and SCADA security, network behaviour analysis, SIEM (security information and event management), as well as methods for development of secure systems (such as SSDLC) ensuring the presence of security factor from the very beginning of SW lifecycle.

Relevant expertise

Participating in and leading various IT security projects like

  • Anti spam,
  • Project developed for National Security Authority with the aim to research proprietary implementation of asymmetric encryption algorithms based on the cryptographic method of elliptic curve algorithms. Target was to implement faster version of the elliptic curve algorithm and to propose adequate available HW smart card with crypto chip,
  • Implementation of complex documentation based on certification authority for pilot project of Ministry of Defence and Armed Forces of the Czech Republic,
  • Security consultancy and documentation base for banking, facility and government sectors.

Used standards and guideline

  • NIST SP 800-53 – source for security and privacy requirements;
  • NIST SP 800-64 – one of the approach to SSDLC;
  • ISO 27034 – framework for ensuring the security during PLC;
  • ISO 27001 family – source of best practice and security and privacy requirements;
  • OWASP ASVS – source for security and privacy requirements and verification use cases