The German specialist for automated cyber resilience and IoT security ONEKEY was able to convince and won the first place of the three finalists for the cybersecurity sector.

The German company was thus declared the spearhead of German cybersecurity. 

The seven jury members included Stefan van Eijden – Head of IT Operations & Infrastructure, Hamburg Port Authority, Prof. Dr. Sabine Rathmayer – Vice President Research, HDBW – University of Bavarian Business, Maximilian Wolf – Head of Startups & Entrepreneurship, CISPA Helmholtz Centre for Information Security and Michael Kaiser – Lead Smart Manufacturing Program at B. Braun Melsungen AG.

"With three top-class cybersecurity solutions in the final selection, we are particularly pleased to be on the podium as cup winners. With ONEKEY, we offer manufacturers and operators a highly automated platform for analysing and managing vulnerabilities and compliance in industrial products and infrastructures. With this, we deliver an important step towards more cyber resilience and adherence to current and future compliance guidelines," says Jan Wendenburg, CEO of ONEKEY. 

ONEKEY makes industrial products and infrastructures resilient

The German Startup Cup has been awarded annually since 2019 and was established by the non-profit Gesellschaft zur Förderung des Forschungstransfers e.V. (GFFT) – the Society for the Promotion of Research Transfer. The award strengthens the innovative power in the Federal Republic and expands the reach for young companies. 

In ONEKEY's case, this relates to a particularly sensitive issue: securing industrial control systems and any other smart products that are connected to a network.

"Our solution enables an in-depth analysis of the firmware of every device that has its own chipset and thus software. The result is a clear and unambiguous risk analysis of which vulnerabilities can be exploited by hackers. The current risk situation is precarious in this respect: cyberattacks have increased enormously, and individual devices with known or as yet unknown vulnerabilities are increasingly in focus – as are digital control systems in industry, the failure or manipulation of which can result in damage up to and including loss of production and insolvency. Here, with our easy and fast-to-implement platform, we immediately ensure a drastic improvement in cyber resilience," explains Jan Wendenburg, who heads the ONEKEY team.  

Risk software supply chains and open source software

The company's own laboratory team of professional white hackers – i.e., hackers with no malicious intent, but with wicked tricks – regularly identifies vulnerabilities, some of them glaring, in routers, switches, and firewalls, as well as many other IT devices. The results are published as advisories, and hardware manufacturers are involved in order to implement protective measures for users as quickly as possible. In 2023 alone, vulnerabilities were found in industrially used router systems from WAGO, and a similar vulnerability was found in NetModule routers as well as in industrially used routers from Phoenix Contact.

"We find vulnerabilities in a large number of devices that have a wide variety of causes. Supplied components with their own firmware, chess points due to open source software, there is a potential risk in everything. Therefore, the Software Bill of Materials, which can be created via our solution, is already an essential aid for companies and manufacturers to gain knowledge about digital components – combined with a risk analysis, which can ultimately save millions," says Jan Wendenburg from ONEKEY