CONFERENCE On Demand: Cyber AI & Automation Summit - Watch Now
Connect with us

Hi, what are you looking for?


Security Architecture

Karamba Security Emerges From Stealth to Protect Cars From Hackers

Karamba Security, a company specializing in solutions designed to protect connected cars from cyberattacks, has come out of stealth mode with $2.5 million raised in seed funding.

Karamba Security, a company specializing in solutions designed to protect connected cars from cyberattacks, has come out of stealth mode with $2.5 million raised in seed funding.

Researchers have demonstrated over the past years that vehicles such as the Toyota Prius, Tesla Model S, Jeep Cherokee, and Nissan Leaf are exposed to hacker attacks due to vulnerabilities in connected systems.Karamba Security

Karamba Security, a company founded by a group of entrepreneurs and cybersecurity experts, aims to protect connected vehicles with an endpoint solution designed to harden electronic control units (ECUs) that can be remotely accessed via the Internet, Wi-Fi or Bluetooth.

If they can compromise one of the externally-accessible controllers, attackers can make their way into the vehicle’s Controller Area Network (CAN) bus, from where they could be able to take control of various functions.

Karamba proposes a solution that car manufacturers and their tier 1 suppliers can embed into ECUs to ensure that only authorized code and applications can be executed. The product enables vendors to define factory settings for each controller, and create a whitelist of permitted binaries, processes, scripts and network behavior.

The company says its product detects and blocks attempts to download and run unauthorized code on the ECU, and immediately alerts the manufacturer and provides them detailed attack information that can be used to close potential vulnerabilities.

Karamba told SecurityWeek that tier 1 providers have already signed up to test the technology, which is expected to become generally available in the coming months.

The car security company says its solution’s design — allowing the execution of only specified code and applications — eliminates the possibility of false positives. The product can be embedded into controllers during the development process, and it can also be easily installed on existing vehicles during regular maintenance.

“At CVTA we see a growing need for cybersecurity to ensure drivers’ safety, as connected cars may become a target for hackers,” said Scott J. McCormick, president of the Connected Vehicle Trade Association. “Early detection of cyberattack attempts and prevention of malware without false positive risks are essential to immunize cars against malicious software. We are impressed with Karamba Security’s unique approach, which can be used to provide early warnings of attack attempts and prevent malware from infiltrating the safety controllers of both new and existing cars.”

Advertisement. Scroll to continue reading.

Karamba Security received $2.5 million in seed funding from venture capital firm YL Ventures and private equity investment company GlenRock.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...


Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Artificial Intelligence

Microsoft and Mitre release Arsenal plugin to help cybersecurity professionals emulate attacks on machine learning (ML) systems.

Risk Management

In this virtual summit, SecurityWeek brings together expert defenders to share best practices around reducing attack surfaces in modern computing.


Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...