As your data are essential, we make a priority to protect them.
- Raise the overall level of security of your Information System.
- Securing your information assets, your data and your infrastructure.
- Accompany you in an effort to integrate security into your business strategy.
- An ethics for fair and honest advice.
- All our missions reports include recommendations and solutions to raise the implemented security level.
- Custom-made services, sized as per the context of your organization.
- Impartiality of the audit findings.
- Strong principles of confidentiality.
- Organize the work of your teams (transfer of competence, know-how).
More and more open to employees, customers, partners or suppliers, IT environment offers an increased attack surface, whose perimeter is often difficult to monitor and protect. Combined with the fact that new vulnerabilities are discovered every day, and cyber-crime continues to grow, the risk increases over time. Therefore, the assessment of the security level of an information system is an essential step of the technical analysis of the risks facing the company.
- External penetration tests (websites, infrastructure, webservices, webmail,…)
- Internal penetration tests (LAN, VLAN, intranet, VOIP, …)
- Mobile application penetration tests (iOS, Android, Windows Phone,…)
- Intrusion tests on WIFI networks
- Intrusion tests on the portable equipment (laptops, tablets, smartphones…)
- Penetration tests on the IoT (internet of things)
- Intrusion tests in SCADA environment
- To review the IT environment. (technically and organizationally) to validate the adherence to best (security) practices,
- To highlight the strengths and weaknesses of the IT environment and to provide recommendations for improvement.
- Managing the crisis unit (short term actions, internal and external communication, PRA / PCA, …)
- Know the extent of the disaster,
- Discover the entry point, understand and stop (or limit) the incident extent,
- Detect and analyze vulnerabilities that have been exploited,
- List the gaps to be filled to avoid new disasters,
- Collect intrusion patterns into the system (evidence, traceability).
Continuous improvement in the fundamentals of the security of the IT organization. Proposing a framework of security and governance, while bringing assistance to their establishment, these are the missions of the Security Officer, while contributing to the establishment of a high level of security, sustainable over time.
- Advisory – Security assessment/diagnostic
- Drafting and Implementation of IT Security Policies / Information Security Management Systems (ISMS) / Security Strategy
- Drafting normative framework: Charter (User/Admin), awareness materials,…
- Security and risk management (BIA, BCP, DRP) (pilot cybersecurity by risk management)
- EBIOS risk analysis
- IT Security PROJECT Management (embedding security into an IT Project)
- Security by Design
- Design and review of BCP/DRP
Regularly assess company exposed systems to vulnerabilities scan, allows you to discover, like a pirate, the flaws and weaknesses of the systems and perform the necessary security updates. Similarly, collect, centralize, identify security events, and correlate can detect attack patterns on the IT environment.
Monitoring is essential to effectively control the security of the IT environment.
- Prevent and discover the appearance of new vulnerabilities,
- Be proactive in the update and the security of its systems,
- Monitor the exposure and reduce attack surface.
Last “bulwark” of security, and particularly for ‘phishing’ attacks or “Nigerian scam”, the user must be aware and informed of the potential Information Security Risks affecting the organization in order to adopt good behavior and good security habits. The goal is to make your employees the strong link within the security chain.