Experienced and Highly Technical Leaders in the Security Industry

Deep security research, world class advisory services, and innovative security solutions.

Looking for WhiteScope Firmware Validation?

Our Core Offerings

Services

WhiteScope offers a full range of assessment and consulting services. Need an experienced security consultant? We can help!

Tools

WhiteScope has developed a number of useful tools that can help with supply chain validation, compromise detection, and device security. Many of these tools are free, go ahead and give them a try!

Research

Exploring a new technology? Need to better understand the technical details of how a particular system works? Our research efforts can help.

Our Story

WhiteScope is a leading, independent provider of expert training and professional security services. We bring extensive, internationally recognized expertise and experience to every client engagement. WhiteScope has hands-on experience with assessments of the most critical high integrity systems, some of which involved the security of nations. WhiteScope is proud to have security consultants with the highest credentials including industry award winners, published authors, and speakers at the most prestigious security conferences including: Black Hat Briefings, RSA, DEFCON, Blue Hat, NATO CCDCOE, and many others. WhiteScope is also proud to offer security consultants with active Department of Defense security clearances for those highly sensitive systems that should only be evaluated by those who have been deemed especially trustworthy.

Our Professional Services

ICS, IoT, and Embedded Device Assessment

Our consultants have extensive experience with ICS/SCADA and IoT device assessments, "air gap" analysis, full spectrum red team (including physical), and DoD weapon systems assessments

Healthcare, 510(k), and Medical Device Assessment

WhiteScope consultants were involved in the first FDA cyber security advisory and one of the first FDA 510(k) cyber security submissions

Avionics Assessment

Our consultants are among the few cyber security professionals that have real world, hands on experience conducting cyber security assessments against airplanes and jets. Our avionics assessment toolkit is pretty awesome




Security Training

Customized security training to fit your needs. We've developed a number of training aids which make our classes challenging and full of hands on labs. We've previously taught at Blackhat and other security conferences

Network, Application, and Device Assessment

We have extensive experience running penetration tests, source code reviews, application assessments, device assessments and other types of security assessment work

Custom Security Engagements

Looking to solve a specific, custom problem? Have a security requirement that doesn't quite fit into a traditional security service description? Our experienced consultants can help

Our Tools and Solutions

Last Mile Supply Chain Validation

WhiteScope is a database of "Known Good" files for embedded software. You try it for free at https://validate.whitescope.io

GroundTruth Hunter Tools

GroundTruth is a versatile and flexible platform for proactive "hunting" operations for unauthorized entities on a network

Embedded Device Identity

Coming Soon




Aviation Assessment Platform

A full range of tools designed to interact with aviation communication buses (MIL-STD-1553 and ARNIC) and analyze/spoof avionics command words and status messages

Building Automation Security

Our BAS-EC (pronounced BASIC) technology discovers vulnerable Building Automation Systems (BAS) on the Internet

Virtualized ICS/SCADA Training Environments

Trying to build an ICS/SCADA cyber security workforce on a budget? Our virtualized ICS/SCADA training environments can help you meet your training objectives

Our Experience and Special Skills

WhiteScope consultants have had the privilege of working on some very exciting engagements. This section provides an overview of the various, special technologies where we have hands-on experience.

Skills

0-Day vulnerability research and discovery

SCADA, power generation/transmission, and water treatment facility assessments

Numerous cyber security assessments of DoD weapon systems

Airplane/Jet aircraft cyber security assessments (includes MIL-STD-1553 and ARINC)

Numerous medical device security and FDA 510(k) cyber security submissions

Browser, browser plug-in, and same origin policy security research

Are you ready to go?

We'd love to hear about your security challenges and we're eager to find ways to help

Contact Us