Issue 11 2024

Corporate Vision At the heart of IOActive is a deep understanding of the ‘attacker’s perspective’, something that has served as the foundation for the in-depth research it has carried out and the services it today offers to industries around the world. The company’s steadfast dedication to research is grounded in the knowledge that it must remain one step ahead of looming threats so as to protect everything- from industries and devices to governments- with maximum efficiency. When it comes to defining exactly how IOActive operates in its specialty sector, this enterprise cybersecurity company encourages its clients to embrace policies and ways of working that are secure by design, meaning that they seamlessly integrate robust security measures across both development and deployment lifecycles. This ensures that security is implemented every step of the way, which is one of the reasons people seek out IOActive- for its futureproof services that tackle complicated cybersecurity challenges. As for how it achieves this, the company’s teams are able to penetrate technology stacks at every level, pushing the envelope when it comes to cybersecurity through the likes of attack simulations, training and consultancy services, and specialised technical programmes. One of IOActive’s most recent innovations came in the form of advanced hardware, where it created a series of microchip and integrated circuit security services to help client businesses understand and mitigate the risks of attacks on both silicon chips and supply chains. Having achieved this feat and successfully outpaced yet another round of advanced cyber-based threats, the business has recently been turning its attention to the active research and commercial assessment of artificial intelligence and machine learning systems, both of which have quickly cemented themselves as invaluable tools for cyber attackers and defenders alike. A fitting example of a commitment to remain one move ahead, IOActive’s industryleading abilities can be attributed to its team and culture. “IOActive embodies inclusivity, empowerment, and compassion, fostering a workplace culture where innovation can flourish and team members are valued for both their unique and collective contributions”, explains the company’s own CEO Jennifer “Sunshine” Steffens. With more than 150 employees from across the world comprising this team, focusing on the wellbeing and professional development of every one of them sees staff inspired to break boundaries, challenge norms, and uncover as many security weaknesses as possible. This was certainly the case earlier this year, where a team of IOActive’s best researchers made and published a major discovery that concerned a serious weakness present in hundreds of millions of AMD microprocessors made from 2006 onwards. Known as the ‘Sinkclose’ vulnerability, what the team found was that hackers could manipulate the privileged System Management Mode (SMM) Making the world a safer place since the companies inception in 1998, IOActive, Inc. places integrity, passion, and creativity at the heart of its operation, and has subsequently carved out a position for itself at the forefront of research-fuelled cybersecurity services. At the heart of the company’s signature method is an ability to help its clients understand their vulnerabilities and risks. For its consistent excellence in doing so, IOActive has been rightfully named as the Best Research-Led Security Services Provider 2024 - USA. IOActive: Research-Driven Cybersecurity Brilliance on these chips, making it almost impossible for devices to even find any malware infections, let alone set about solving them. Following the publishing of this report, AMD was quick to work with the IOActive researchers to find a solution. In a statement from the former, it acknowledged the latter’s invaluable contribution to its security going forwards, stating: “We thank IOActive for their research and collaboration, as it has helped us enhance the security of our products.” Beyond just ensuring that those with affected devices were made safer, this revolutionary finding also stimulated discourses surrounding the general long-term resilience of supply chains. As this game-changing discovery suggests, global supply chain cybersecurity has been a major focus for IOActive over the past few years. This is because, in a landscape where supply chains now stretch seamlessly across continents, it is more important than ever to ensure their resilience from the ground up. In closing, Sunshine tells us: “Research serves as the backbone fuelling IOActive’s multi-domain expertise covering physical security, hardware, embedded, and silicon-level systems and components, all the way up to the inner workings of people, processes, and supply chains. Our teams are constantly innovating, leveraging decades of experience to drive cutting-edge research initiatives to continue to help customers and industries worldwide.” Contact: Heather Overcash Company: IOActive, Inc. Web Address: https://ioactive.com/ State-of-the-Art Silicon Lab

RkJQdWJsaXNoZXIy NTY1MjM3