The new joint offering will enable contextual and intelligent testing of software-defined products as part of a full Product DevSecOps platform

The companies will both be exhibiting at the upcoming escar USA conference in Detroit and Auto-ISAC European Summit in Munich.

Torino & Jerusalem (June 5, 2024) – C2A Security, the risk-driven product security company for the automotive industry, and Drivesec, the testing and compliance company for Automotive and IoT, today announced a partnership to offer an end-to-end testing solution based on contextual security data, integrating WESETH® test automation platform into EVSec Product DevSecOps platform.

EVSec, the industry-pioneering DevSecOps Platform, automates archaic manual processes and enables cross-functional sharing and collaboration between teams, customers, and supply chains while offering full digital twin capabilities of the product. EVSec applies a risk-driven approach to product security, drawing contextual intelligence from the Model, for fast and accurate management of vulnerabilities, security, and operations by design and an overall efficiency boost to the customer’s development and operations of software-defined products.

C2A Security’s EVSec Attacker product automates vulnerability testing across the vehicle, including the system itself, network, and component level. EVSec Attacker uses binary analysis, additional algorithms, and risk insights from the Cyber Model, thus reducing the time and resources needed to test. EVSec Attacker can also be utilized to ‘black box’ test supply chains and third-party components. As an automated system, EVSec Attacker is cloud-based and can integrate with CI/CD pipelines.

WESETH® by Drivesec is a cloud-based test automation platform, expressly designed for cybersecurity verification of cyber-physical systems. WESETH® is designed to support the remote and automated validation and testing of cybersecurity requirements on benches, HIL systems, or prototypes. By seamlessly incorporating Drivesec’s WESETH testing platform and EVSec Attacker module, this collaboration promises full product lifecycle testing from security control validation to intelligent virtual and target-based fuzzing of the customer’s continuous integration pipeline.  

“At Drivesec, we are dedicated to enabling secure and compliant automotive and IoT solutions. Through our remote and automated cybersecurity testing platform, we bring innovation to the VA/PT processes. We want to bring OEM and TIER1 in control of their security testing assessment processes,” said Giuseppe Faranda Cordella, Founder & CEO of Drivesec. “Our collaboration with C2A Security marks a significant step forward in achieving this goal. By integrating our testing expertise with C2A Security’s innovative platform, we are equipping automotive manufacturers with the tools they need to safeguard their products against evolving cyber threats.”

“Through this collaboration, we are combining C2A Security’s expertise in automotive cybersecurity with Drivesec’s proficiency in testing and compliance, to deliver unparalleled security solutions for our customers. As new industry regulations come into force, EVSec DevSecOps platform, supported by Drivesec’s advanced testing capabilities, ensures that security becomes a value multiplier and not a deterrent to innovation,” said Roy Fridman, CEO of C2A Security. “We’re thrilled by our partnership with Drivesec, knowing that this will enhance our offering of risk-driven product security solutions, thus elevating our customers’ ability to automate their security systems and successfully meet regulatory demands.”

The companies will both be exhibiting and available for meetings and interviews at escar USA in Plymouth, June 5-6, and the Auto-ISAC European Summit in Munich, June 11-13, 2024.