ONEKEY wins Swiss Army’s Cyber Startup Challenge 2022

Network discovery and security of IoT devices is the focus of the Swiss Federal Department of Defence, Civil Protection and Sport (DDPS)

Düsseldorf/Germany, November 7, 2022 – The cybersecurity company ONEKEY has won the Cyber Startup Challenge 2022, hosted by the Swiss Federal Department of Defense, Civil Protection and Sport (DDPS) and the Swiss Federal Office of Armament armasuisse. The competition aims to promote relevant startups and innovative technologies in the field of cyber defense. In the third edition of the Cyber Startup Challenge, ONEKEY convinced the jury of its novel and innovative solution in the field of automated security of Internet of Things devices and present it at the Cyber Defence (CYD) Campus Conference in October 2022. The Düsseldorf-based company prevailed over 36 strong competing startups and will implement a proof of concept, tailored to the needs of Swiss Armed Forces, of its cybersecurity solution in the environment of the DDPS. This demonstration it in a real environment at the DDPS will result in unprecedented supply-chain transparency and turn unknown vulnerabilities into known risks with clear and actionable remediation advice.

Detailed analysis

The company’s technology can automatically identify security vulnerabilities in IoT and OT devices and embedded devices deployed in networks. Based on this, ONEKEY can automatically create a Software Bill of Materials (SBOM), automatically generated “digital twins” are checked for critical security vulnerabilities and compliance violations. The SBOM provides a detailed overview of all components of a software – including open source and third-party components that are included in a program. In addition, ONEKEY analyzes the vulnerabilities and provides appropriate advice on how to mitigate them. Through continuous, regular testing of the digital twins, the security level of the network components can be determined at any time, even in the case of updates. The “digital twin” provides a virtual image of a system and enables its examination in the lab, without requiring the source code, the network, or physical access to the equipment. ONEKEY is already working with leading international companies, universities, and research institutions are also using the solution for IoT/OT security study purposes. “Our solution platform works like a microscope for all software components in a device – even hidden components become visible and every possible gap that a hacker can use is revealed. The last few months have impressively shown how crucial IoT/OT cybersecurity is in all areas – whether as a gateway for digital blackmailers, ransomware or as a means of hybrid warfare,” explains Jan Wendenburg, CEO of ONEKEY.

Integration in procurement and development

Whether in critical infrastructures, industrial companies or institutions: Connected devices, from routers to smart manufacturing machines, must already be secured during device development. ONEKEY’s solution can be integrated into the software development and procurement processes and enables the delivery of comprehensively secured hardware. Even at the time of acquisition, automated testing can investigate and patch, if necessary, before integration into an infrastructure. “Manufacturers, distributors and users of IoT/OT technologies all benefit equally from our solution,” says Jan Wendenburg.

The Swiss government’s Cyber Startup Challenge took place for the third time this year, this year focusing on “Network Discovery and Security of IoT Devices”.


ONEKEY is the leading European specialist in Product Cybersecurity & Compliance Management and part of the investment portfolio of PricewaterhouseCoopers Germany (PwC). The unique combination of an automated Product Cybersecurity & Compliance Platform (PCCP) with expert knowledge and consulting services provides fast and comprehensive analysis, support, and management to improve product cybersecurity and compliance from product purchasing, design, development, production to end-of-life.

Critical vulnerabilities and compliance violations in device firmware are automatically identified in binary code by AI-based technology in minutes – without source code, device, or network access. Proactively audit software supply chains with integrated software bill of materials (SBOM) generation. “Digital Cyber Twins” enable automated 24/7 post-release cybersecurity monitoring throughout the product lifecycle.

The patent-pending, integrated Compliance Wizard™ already covers the upcoming EU Cyber Resilience Act (CRA) and existing requirements according to IEC 62443-4-2, ETSI EN 303 645, UNECE R 155 and many others.

The Product Security Incident Response Team (PSIRT) is effectively supported by the integrated automatic prioritisation of vulnerabilities, significantly reducing the time to remediation.

Leading international companies in Asia, Europe and the Americas already benefit from the ONEKEY Product Cybersecurity & Compliance Platform and ONEKEY Cybersecurity Experts.



Sara Fortmann

Marketing Manager


euromarcom public relations GmbH

+49 611 973 150