JIS T 81001-5-1:2023 Compliant Penetration Testing

Compliance with "JIS T 81001-5-1:2023" (IEC 81001-5-1:2021) is now required for cybersecurity measures for medical devices and other devices. This standard specifies processes for appropriately managing security risks throughout the lifecycle of products such as medical devices.
After signing an NDA (non-disclosure agreement) with our customers, we conduct penetration tests tailored to their requests based on the specifications of the equipment and network being investigated. Although we have less manpower than major companies, we are able to perform tests and report creation at very low prices and with flexibility. We have a track record of penetration testing for medical equipment vendors, ship equipment companies, etc.

a) Attack target area analysis
b) Security requirements testing
c) Threat mitigation testing
d) Vulnerability testing
e) Known vulnerability scans
f) Penetration test

We will consistently carry out test planning, analysis, design, implementation, re-examination, and reporting, and will document and submit the results as a report.
For pentesting, we support not only general-purpose OS, TCP/IP networks, wired LAN, and wireless LAN, but also proprietary OS and proprietary interfaces. We also conduct investigations using Bad USB devices and side channel devices (weak currents and pulsed electromagnetic waves).

→BadUSB Keylogger Attack AP MITM →Side-channel attacks and SDR tools →Password investigation/recovery tool

Evaluation by a third party

After signing the NDA, we will ask you about the specifications and default settings of the equipment and network being investigated. Since we have a small team, we may not have enough manpower to investigate large-scale systems, but we do have a track record of investigating specific devices and embedded equipment.
We will prepare a report by a third-party organization that complies with "JIS T 81001-5-1:2023" (IEC 81001-5-1:2021).

Please feel free to contact us →ConsultationPlease.