Carve Systems
Providing Cybersecurity Expertise to Protect Your Products and Your Brand
Security Solutions
What We Do
Security Testing
- Proactively find flaws before they are exposed or exploited
- Hardware and software “full stack” penetration testing
- Custom tooling for regression testing
Security Strategy
- Carve Systems Maturity Framework (CSMF) provides a real-world picture of security maturity
- Track security progress over time and communicate to senior leadership
- Strategic advisory from information security experts
Security Engineering
- Remove reliance on penetration testing
- Build a culture of security into your software engineering practices
- Predict and prevent security issues with threat modeling
Simplify Software Security
Our team of information security experts act as an extension of your product so your business can continue to innovate rapidly without compromising the safety of your product or the data of your customers. Our security assessments cover the cloud, IoT, embedded systems, API/web applications, and mobile devices.
Approach
Cybersecurity Experts Empowering Your Business
Businesses with better cybersecurity will outperform their competitors. We possess engineering and leadership skills that will empower your people and processes with a security mindset.
Carve’s cybersecurity engineering expertise brings around-the-clock support to major software/IoT initiatives in Fortune 500 organizations around the world. Chances are, the Carve team has protected your personal data at some point! Come take a peak behind the scenes and learn how the Carve team came to be.
TESTIMONIALS
What Carve Customers Are Saying
At BMW Technology Corporation, we believe that security is a key feature of our mobility solutions. As we have aligned with Carve Systems as our cybersecurity partner, our architects and developers have been positively influenced by the enormous talent that Carve Systems brings to us in this space. Carve helps us identify threats and pitfalls during the design of our products to help prevent vulnerabilities before code is written.
Carve provides us with confidence and peace of mind that our products are secure, and helps us communicate our posture to internal and 3rd party cybersecurity stakeholders. Through working with Carve, our internal security requirements and release dates have been met release after release. It has been a pleasure having them alongside us in our goal of keeping BMW’s products secure.
Command Injection with USB Peripherals
When this Project Zero report came out I started thinking more about USB as an interesting attack surface for IoT devices. Many of these devices allow users to plug in a USB and then perform some actions with that USB automatically, and that automatic functionality...
Reverse engineering Go binaries using Radare 2 and Python
When reverse engineering a binary application, at its lowest practical layer, the reverse engineer is looking at CPU-specific assembly language. In order to fully understand the application, the reverse engineer would need to understand those lower layers, instruction...
Abusing WebViews to Steal Files via Email
A few months ago, I was testing the email functionality on a company's contact us page, when I sent an email to myself containing: <script> alert("Hi, It's almost lunch time") </script> It actually was close to lunch time, so I wrapped up testing and waited for...