About us
Our philosophy: “We specialize in Industrial (OT) and Information Security - building practical security with a real-life perspective based on 20+ years experience. “ - Mikael Vingaard, Owner, En Garde Security
Our Key services;
Industrial Penetration testing (both “Passive” and “Active”)
Vulnerability risk assessments and security audit preparation
Threat hunting and Honeypots threat intelligence (please see honeypot.dk for details)
Our contributions to a safer industrial environment, includes finding Zero-days and submission of responsible disclosure notification to leading vendors, Moxa, Siemens /Ruggedcom, Palo Alto, Honeywell, Hirchmann, ATC and others.
A CVE list including the following contributions;
MOXA - CVE-2016-9367 ICS Advisory (ICSA-16-336-02A)
MOXA- CVE-2018-10632 ICS Advisory (ICSA-18-200-04)
PLC (Wago) CVE-2019-10953 ICS Advisory (ICSA-19-106-03)
Honeywell https://www.honeywell.com/en-us/product-security#items_304654820
Many new advisories is in the pipeline to be published, when firmware updates is avaliable…
Background and certifications:
I hold a active CISSP certification and the GIAC Response and Industrial Defense (GRID) + Global Industrial Cyber Security Professional (GICSP) certifications from SANS. Furthermore I am Certified SCADA Security Architect (CSSA) and has achieved a numbers of other international IT-security product related certifications, and has participated in the following educations;
(SANS) ICS410: ICS/SCADA Security Essentials
(SANS) ICS515: ICS Active Defense and Incident Response
(SANS) ICS612: ICS Cybersecurity In-Depth
(DHS/ICS-CERT) ICS Cybersecurity
Certified SCADA Security Architect (CSSA)