Shifting Security Left
Our centralized product cybersecurity team empowers product teams with policies, procedures, tools, and training to integrate cybersecurity into product engineering. Wabtec’s global product-based cybersecurity champion network fosters a community of practice, promoting continuous improvement and knowledge sharing.
Resilience for Critical Infrastructure
Wabtec's Product Security Incident Response Team manages incident response, responsible vulnerability reporting, triage, and disclosure. Our efforts also include ongoing vulnerability watch, security process status reporting, and comprehensive software integrity assessments, enabling resilience for mission critical freight rail, transit, mining, industrial and marine operators. Wabtec collaborates with customer security teams to jointly act based on vulnerability applicability and risk.
Third Party Risk Management
Dedicated policies, procedures, and teams support Third Party Risk Management, identifying and addressing potential risks within Wabtec's supplier network. This proactive approach supports industrial secure supply chain requirements.
Product Cybersecurity: A Team Effort
At Wabtec, we recognize that product cybersecurity is a team effort. Our role-based security awareness and training program builds security expertise among our system and software architecture, engineering, design, implementation, and testing teams. This multi-tiered training not only integrates security practices into day-to-day engineering, it provides opportunities to gain hands-on offensive and defensive skills and to learn from industry cybersecurity experts.