German Startup Cup goes to Cyber Resilience Specialist ONEKEY

German Startup Cup goes to Cyber Resilience Specialist ONEKEY 

High-ranking jury of experts selected the spearhead of German cybersecurity from dozens of applicants

Duesseldorf, June 15, 2023 – Several dozen cybersecurity startups had applied, three were selected in digital selection rounds to pitch on stage in front of audience and jury: At the final of the German Startup Cup, the German specialist for automated cyber resilience and IoT security ONEKEY was able to convince and won the first place of the three finalists for the cybersecurity sector. The German company was thus declared the spearhead of German cybersecurity. 

The seven jury members included Stefan van Eijden – Head of IT Operations & Infrastructure, Hamburg Port Authority, Prof. Dr. Sabine Rathmayer – Vice President Research, HDBW – University of Bavarian Business, Maximilian Wolf – Head of Startups & Entrepreneurship, CISPA Helmholtz Center for Information Security and Michael Kaiser – Lead Smart Manufacturing Program at B. Braun Melsungen AG. „With three top-class cybersecurity solutions in the final selection, we are particularly pleased to be on the podium as cup winners. With ONEKEY, we offer manufacturers and operators a highly automated platform for analyzing and managing vulnerabilities and compliance in industrial products and infrastructures. With this, we deliver an important step towards more cyber resilience and adherence to current and future compliance guidelines,“ says Jan Wendenburg, CEO of ONEKEY. 

ONEKEY makes industrial products and infrastructures resilient

The German Startup Cup has been awarded annually since 2019 and was established by the non-profit Gesellschaft zur Förderung des Forschungstransfers e.V. (GFFT) – the Society for the Promotion of Research Transfer. The award strengthens the innovative power in the Federal Republic and expands the reach for young companies. 

In ONEKEY’s case, this relates to a particularly sensitive issue: securing industrial control systems and any other smart products that are connected to a network. „Our solution enables an in-depth analysis of the firmware of every device that has its own chipset and thus software. The result is a clear and unambiguous risk analysis of which vulnerabilities can be exploited by hackers. The current risk situation is precarious in this respect: cyberattacks have increased enormously, and individual devices with known or as yet unknown vulnerabilities are increasingly in focus – as are digital control systems in industry, the failure or manipulation of which can result in damage up to and including loss of production and insolvency. Here, with our easy and fast-to-implement platform, we immediately ensure a drastic improvement in cyber resilience,“ explains Jan Wendenburg, who heads the ONEKEY team.  

Risk Software Supply Chains and Open Source Software

The company’s own laboratory team of professional white hackers – i.e., hackers with no malicious intent, but with wicked tricks – regularly identifies vulnerabilities, some of them glaring, in routers, switches and firewalls, as well as many other IT devices. The results are published as advisories, and hardware manufacturers are involved in order to implement protective measures for users as quickly as possible. In 2023 alone, vulnerabilities were found in industrially used router systems from WAGO, and a similar vulnerability was found in NetModule routers as well as in industrially used routers from Phoenix Contact. „We find vulnerabilities in a large number of devices that have a wide variety of causes. Supplied components with their own firmware, chess points due to open source software, there is a potential risk in everything. Therefore, the Software Bill of Materials, which can be created via our solution, is already an essential aid for companies and manufacturers to gain knowledge about digital components – combined with a risk analysis, which can ultimately save millions,“ says Jan Wendenburg from ONEKEY. 

ONEKEY is a leading European specialist in product cybersecurity. The unique combination of an automated security & compliance software analysis platform and consulting services by cybersecurity experts provides fast, comprehensive analysis, and solutions in the area of IoT/OT product cybersecurity. Building upon automatically generated „Digital Twins“ and „Software Bill of Materials (SBOM)“ of devices, ONEKEY autonomously analyzes firmware for critical security vulnerabilities and compliance violations, all without source code, device, or network access. Vulnerabilities for attacks and security risks are identified in the shortest possible time, and can thus be remediated in a targeted manner. The easy-to-integrate solution enables manufacturers, distributors, and users of IoT technology to quickly and continuously perform 24/7 security and compliance audits throughout the product lifecycle. Leading international companies in Asia, Europe, and America are already successfully benefiting from the ONEKEY platform and experts.