Meet the finalists of the Cyber Start-up Challenge 2023
The three start-ups Luchs Security, AppCensus and Ostorlab impressed the jury of the Cyber Start-up Challenge 2023 in this year’s selection procedure. During the Cyber-Defence Campus Conference on 26 October 2023, all three companies presented a pitch with their innovative solutions on the topic of «Smartphone security».
Andrea Thäler and Inan Kadioglu, specialist area Cyber Security and Data Science, competence sector Science and Technology
Under the banner of «Smartphone security», start-ups sought innovative solutions in the area of security of smartphone applications and their potential threats. The winner receives an order for a proof of concept and can demonstrate their solution in a real DDPS environment.
The Cyber-Defence (CYD) Campus of armasuisse Science and Technology observes and anticipates cyber developments. Start-ups often have novel and forward-looking ideas. They can thus spawn innovations that provide a technological advantage for guaranteeing security in cyberspace. It is therefore particularly important to identify and use such technologies as early on as possible, even if they are not yet fully developed.
Start-ups from all over the world took part in this year’s Cyber Start-up Challenge. They all presented a wide variety of innovative technologies in the area «Smartphone security». The jury nominated the following three finalists from a wide range of interesting start-up companies:
Luchs Security
Luchs Security has set itself the goal of revolutionising the security of IoT (Internet of Things), OT (Operational Technology) and embedded devices with ultra-modern security test suites. The security test suites consist of various protection programmes contained in a security package. Luchs Security redefines the protection of networked devices and increases security in usage of the Internet. Thanks to its expertise, Luchs Security promises its customers cost savings from up to 80% in comparison with conventional security testing methods while complying with the highest security standards.
The seamless integration of security in the DevSecOps methods enables developers to identify vulnerabilities in the development process early on and to defuse them. DevSecOps is a procedure in app developments in which security practices are integrated into the entire software development process. The goal is to maximise the security of applications. This proactive strategy not only increases security but also accelerates product development. In addition, it guarantees timely and secure product releases.
AppCensus
AppCensus focuses on revolutionising the use and data protection of mobile apps. As an integrated Software as a Service (SaaS) platform, AppCensus enables broad insights into the data management and behaviour when using mobile apps. SaaS platforms are applications that can be used via an Internet browser. AppCensus offers its users support in evaluating data collection practices and in meeting product, guideline and platform requirements.
Thanks to the analysis tools from AppCensus, real activities can be tracked when using apps. Based on the analyses, detailed reports are created which indicate problems in connection with the use of apps. The reports and data collected serve as a «data protection checklist». These can be passed on internally by the companies and used to remedy technical problems, address design issues and optimise their general data protection situation and practice.
Ostorlab
The Ostorlab Mobile Application Scanner is a high-performance platform for testing the security of mobile applications. The goal is to support companies in identifying and rectifying security loopholes in their Android and iOS applications. Ostorlab uses static and dynamic analysis methods to identify vulnerabilities which can cause considerable damage to the security and reputation of companies. These damages range from security breaches to data leaks and compromised communication.
The Ostorlab Mobile Application Scanner offers robust functions. For example, the scanning and monitoring of applications from stores such as the PlayStore and the AppStore. It also supports Software Bill of Materials (SBOM) files to detect obsolete and vulnerable dependencies. SBOM are guidelines that describe the components of a software in detail. As the scanner contains automated app interactions, it can carry out comprehensive security tests. As a result, it has a strong track record in detecting and reporting critical vulnerabilities. This further underscores its effectiveness.
