COVID19 is the first pandemic where thanks to the adoption of mobile phones and IT could play a key role for contact tracing, registration, the EU DCC and other technologies to reduce the impact for society. But how do you secure that properly in an environment that normally doesn’t build systems and has to invent and realize the systems in weeks? With shortages in the market and requirements that are exceptional it proves to be very hard to do.
But when hackers and cats come together the impossible all of a sudden turns out to be possible. Under extreme pressure new concepts show up and security operations become real security operations. This is an open source story of solutions that need to be built, because failure is simply not a serious option.

The tool KAT has been developed during the COVID-19 pandemic when it became more and more apparent that it wasn’t possible to arrange security the traditional way. When the minister has his own software development, the systems that are built turn crucial rapidly and cover the nation you become vulnerable to political attacks, interference from other nations and all sorts of different attacks. The attack surface is huge, because of the many systems with all sorts of characteristics. Looking at that reality we soon saw that many of the tasks still are poorly automated and tools only partially answer the question you have. Surely the don’t answer relevant compliance questions. And definitely not in a way that you can label as forensically sound.

KAT is a serious attempt deliver information gathered in a forensic sound way in such a way we can distinguish facts from opinions. By storing object information based on time we understand the data we have and we can rapidly query objects and their state at any given time. Based on rules we determine technical vulnerabilities, violation of policy or standards. Not only for general tools but also for more specifc tools. Something seen more in the health care industry. When new vulnerabilities evolve we can’t only see that we are vulnerable but also since when. In the Netherlands the tool isn’t in use for all the covid test providers, but also will be used to scan hospitals through the CERT in the medical sector. KAT basically delivers you a turn key working engine that offers you the possibility to situationally aware assess you technical environment: a Context Analysis Tool.