News
-
CHT Awarded Elite Vendor Award
CHT Security, the Leading MSSP in Taiwan, is awarded the Elite Vendor Award by CIO Taiwan.
-
CHT Security Awarded Straight 5A Ratings in Government Review
CHT Security, the leading MSSP in Taiwan, received straight A scores in the latest governments review of cybersecurity service providers for SOC, Pentest, Vulnerability Assessment, Cybersecurity Assessment and Social Engineering Drill. Its the only MSSP to receive the top rating for consecutive years.
-
Partnership between CHT Security and Pomerium to offer Zero Trust Network Access solution
We are thrilled to announce a new partnership between CHT Security and Pomerium to offer a cutting-edge Zero Trust Network Access (ZTNA) solution. With the rise of remote workforces and the increasing need for secure access to enterprise resources, our joint solution will provide unparalleled security and accessibility to organizations of all sizes.But why should companies care about ZTNA? Simply put, traditional security models are no longer sufficient to protect against the constantly evolving threat landscape. The outdated perimeter-based approach to security and remote access has proven ineffective against modern threats such as phishing, ransomware, and advanced persistent threats. In contrast, ZTNA is designed to provide secure access to enterprise resources without compromising on accessibility or usability.Recent cybersecurity incidents involving two car rental companies showcase the need for better access controls: insufficient authentication and access control measures led to the data breach of over 100,000 customers personal privacy data per company.According to CHT Securitys incident response statistics in 2021, stolen credentials and public-facing applications are the top attack vectors exploited by hackers. Additionally, 10% of the public-facing application exploits were due to identification and authentication vulnerabilities. These highlight the importance of implementing ZTNA, which provides secure access control to safeguard important assets and resources.So, what exactly is ZTNA? At its core, ZTNA is a security model that verifies the identity of every user and device attempting to access a network, and provides granular access controls based on that identity. Rather than assuming trust based on network location, ZTNA enforces trust through continuous verification and dynamic policies. By implementing Pomerium and CHT Securitys solution, every corporate resource will have conditional, per-request access according to the organizations central access policies.(For a better understanding of how USAs NIST defines Zero Trust Architecture, read this blog post.)This partnership means CHT Security can now offer Pomerium as part of their ZTNA solution that provides secure, seamless access to enterprise resources from any location. Our solution provides a number of key benefits, including:Identity and Context-aware access: In a world where credentials are compromised and access tokens are stolen, access control should go beyond identity alone. Pomerium verifies the identity of every user and device, then leverages external sources of data to make better decisions about granting access, limiting the damage from malicious insiders and compromised accounts.Increased accessibility and usability: The solution provides secure access to enterprise resources from any location, without the need for a VPN or traditional perimeter-based security model. Being able to deploy Pomerium at edge also means end users do not have connectivity or latency issues, giving organizations operational flexibility and agility.Simplified management: By streamlining the management of access controls, policies, and user identities, we make it easy for organizations to maintain a secure and accessible environment. IT teams can avoid segmenting networks in favor of mutual authentication with Pomerium, ensuring internal services work better while limiting lateral movement.Audit and logging: Who accessed what, when, where, and what did they do? Pomerium provides fine-grained request-based audit logs, ensuring organizations can know everything that happens within their network.(For a better understanding of how NIST defines the benefits of Zero Trust Architecture, read this blog post.)At Pomerium and CHT Security, we believe that security should not come at the expense of usability or accessibility. Our joint ZTNA solution provides the best of both worlds, ensuring that your organization is secure without compromising on productivity or ease of use.More information at Pomeriums blog.
-
Thank you for all the supports. Wish you a promising happy new year 2023!
-
CHT Security approved as a qualified IEC 62443 CB Testing Lab (CBTL)
CHT Security is approved as a qualified IEC 62443 CB Testing Lab (CBTL) for cybersecurity assessment helping enterprises to create more secure OT systems.
-
CHT Security Joined CEATEC 2022 to showcase SecuTex NP/ED & CypherCom
During CEATEC 2022, CHT Security showcased the latest cybersecurity products including SecuTex NP/ED and CypherCom.SecuTex is a product family featuring Network Protection (NP) and Endpoint Detection (ED). Enterprises should be ready for security incidents, so keeping all the network packets is necessary for response and investigation. SecuTex Network Protection (NP) is designed to address this need, recording all network packets for deep inspection. It can do real-time network packet analysis and detect intrusions, while send alerts to administrator if necessary and meanwhile provides a single forensic platform that integrates forensic tools for higher efficiency.SecuTex Endpoint Detection (ED) integrates GCB (government configuration baseline) check, software update check, and malicious activities detection to grasp the whole picture of security risks and then users can come out the countermeasures.CypherCom is an end-to-end encryption communications system. CypherCom adopts slim sim hardware security element and the applet of CypherCom is FIPS 140-2 Level 3 certified to ensure the private key used in the communication is highly protected. All voice, text, photos, videos and files are encrypted throughout the process.
-
CHT Security Showcased SecuTex NP/ED & CypherCom at GITEX Global 2022
During GITEX Global 2022, CHT Security showcased the latest cybersecurity products and services, including SecuTex including Network Protection (NP), SecuTex Endpoint Detection (ED) and CypherCom.
-
Recently, Frost Sullivan researched the Taiwanese cybersecurity service market and, based on its analysis results, recognizes CHT Security with the 2022 Taiwanese Company of the Year Award for its cybersecurity service. The company secures Internet of Things (IoT) devices that empower a wide range of use cases for sustainable smart cities in Taiwan, including secure software development lifecycle counseling in the development stage to help equipment manufacturers improve the system security of devices. In addition, the company offers testing services in the delivery stage to detect possible entry points for attackers to exploit and offers continuous monitoring and management to respond to security incidents in real time. CHT Securitys strong commitment to introducing relevant services to secure connected devices and developing a secure IoT ecosystem differentiates it from competitors.With its strong industry expertise and cybersecurity capabilities, CHT Security has accumulated over 50 critical common vulnerabilities and exposures so far, many of which are related to IoT device vulnerabilities. The company has capitalized on its rich threat intelligence to introduce HiNet Cyber Threat Gatekeeper, a new cost-effective solution that helps organizations protect their IoT devices. As a leading managed security service provider (MSSP) in Taiwan, CHT Security offers a broad service portfolio, including managed and professional security services, to meet the rising demand for reliable IT security. The company established the HiNet security operations center (SOC) in 2003 to provide security outsourcing services, thus developing extensive experience and an impressive track record in protecting enterprises and government bodies against all cybersecurity attacks.With significant investments in innovation and RD, CHT Security stands out from its competitors in helping industries and customers manage security challenges while achieving broader business objectives, stated Vivien Pua, a Frost Sullivan Senior Industry Analyst.CHT Security dominated the Taiwanese cybersecurity service market in 2021, recording a healthy 20% year-over-year growth and having a significant presence across verticals, including government; manufacturing; and business, financial services, and insurance (BFSI), despite challenging and uncertain market conditions. The company has positioned itself as the trusted security partner to key government agencies, participants in the critical infrastructure sector, financial service providers, and high-technology manufacturers. The company leads the cybersecurity service market with its holistic and extensive security service offerings, strengthened by its established reputation, commitment to innovation, and continuous efforts in expanding its partnerships with technology vendors to support customers better.Pua added that CHT Securitys continuous efforts in expanding its solutions and strategic partnerships have enabled it to achieve a competitive edge and remain the top-of-mind choice among enterprises and government agencies in Taiwan. The companys robust business performance in 2021 amid a challenging business environment reflects its solidified market leadership position in the country.Each year, Frost Sullivan presents a Company of the Year award to the organization that demonstrates excellence, in terms of growth strategy and implementation in its field. The award recognizes a high degree of innovation with products and technologies and the resulting leadership, in terms of customer value and market penetration.Frost Sullivan Best Practices Awards recognize companies in various regional and global markets for demonstrating outstanding achievement and superior performance in leadership, technological innovation, customer service, and strategic product development. Industry analysts compare market participants and measure performance through in-depth interviews, analyses, and extensive secondary research to identify best practices in the industry.About Frost SullivanFor six decades, Frost Sullivan has been world-renowned for its role in helping investors, corporate leaders, and governments navigate economic changes and identify disruptive technologies, Mega Trends, new business models, and companies to action, resulting in a continuous flow of growth opportunities to drive future success. Contact us: Start the discussion.About CHT Security CHT Security is a subsidiary of the Chunghwa Telecom Group, the 1st Telco and one of the most trustworthy ICT companies in Taiwan. CHT Security has ISO 27001, ISO 27701, ISO 20000 and ISO 17025 certificates and is awarded 2022 Cybersecurity Best Service of the COMPUTEX Best Choice, 2021 Taiwan Managed Security Services Company of the Year Award by Frost Sullivan, Infosec Quality Award Infosec Excellence Award by BSI, Championship Winner of International Bug Bounty Challenge held by ITRI and Championship Winner of HITCON Defense Contest. In the governments annual review, CHT Security is the only company that achieved the top rating for consecutive years. CHT Security provides telco-centric and comprehensive cybersecurity solutions to over 300-thousand households, 20-thousand SMEs, and 200 large enterprises government institutions.
-
CHT Security New Office Opening in Tainan, Taiwan
CHT Security Co., Ltd. just announced new office opening in Tainan, Taiwan. Now CHT Security is headquartered in Taipei, Taiwan with branch offices located in Taichung, Tainan and Kaohsiung.
-
SummaryVulnerability List[CVE-2021-32536] Cross Site ScriptingDetails1. Cross Site ScriptingDescriptionA reflected cross-site scripting (XSS) vulnerability was found in the MCU system 5.5. Arbitrary web scripts would be injected via HTTP-GET.ImpactIt will affect the users of the MCU system. Browsers might be manipulated if a malicious URL has been clicked.VersionV5.5Credits* Lai, Yu-Jen (CHT Security)
For Financial Institutions
Security Assessment, ATM Drills for Offense & Defense, DDoS Drills, GDPR Consultant.
For Enterprises
Large Enterprises: Gateway Protection, Endpoint Protection, Data Security, Regular assessment, ISMS, In-depth Defense with ISPs.
SMB & Soho: Anti-virus, Anti-hacking, Internet Protection.
For Government Departments
Regulation Compliance, Regional Joint Defense, SOC, ISAC, Common Supply Contract.