<a href="#">Mentions légales</a> <a href="#">Rechercher</a>
IT Security Consulting

As your data are essential, we make a priority to protect them.

Our business

  • Raise the overall level of security of your Information System.

  • Securing your information assets, your data and your infrastructure.

  • Accompany you in an effort to integrate security into your business strategy.

  • Text Hover
Our commitments

  • An ethics for fair and honest advice.

  • All our missions reports include recommendations and solutions to raise the implemented security level.

  • Custom-made services, sized as per the context of your organization.

  • Impartiality of the audit findings.

  • Strong principles of confidentiality.

  • Organize the work of your teams (transfer of competence, know-how).

  • Text Hover
Assess your security level

More and more open to employees, customers, partners or suppliers, IT environment offers an increased attack surface, whose perimeter is often difficult to monitor and protect. Combined with the fact that new vulnerabilities are discovered every day, and cyber-crime continues to grow, the risk increases over time. Therefore, the assessment of the security level of an information system is an essential step of the technical analysis of the risks facing the company.

For more than 10 years, we have been doing penetration testing. The goal is to discover the vulnerabilities allowing an attacker to break into the IT environment and/or compromise it by exploiting these vulnerabilities. We carry several types of pentest :
  • External penetration tests (websites, infrastructure, webservices, webmail,…)
  • Internal penetration tests (LAN, VLAN, intranet, VOIP, …)
  • Mobile application penetration tests (iOS, Android, Windows Phone,…)
  • Intrusion tests on WIFI networks
  • Intrusion tests on the portable equipment (laptops, tablets, smartphones…)
  • Penetration tests on the IoT (internet of things)
  • Intrusion tests in SCADA environment
For customer applying a security policy and customers wishing to know the State of their information systems and the possible discrepancies existing with their Information Security Policy (and/or other security standards such as ISO27k, Data Protection Act, …) at a given time (by legal or compliance obligation)
For clients having no formalized security framework , but concerned about the main risks and weaknesses affecting their IT Organization :
  • To review the IT environment. (technically and organizationally) to validate the adherence to best (security) practices,
  • To highlight the strengths and weaknesses of the IT environment and to provide recommendations for improvement.
Realized while a disaster is in progress (viral infection, cryptolocker, sabotage, leak of data …) on the IT environment or after (post-mortem analysis) :
  • Managing the crisis unit (short term actions, internal and external communication, PRA / PCA, …)
  • Know the extent of the disaster,
  • Discover the entry point, understand and stop (or limit) the incident extent,
  • Detect and analyze vulnerabilities that have been exploited,
  • List the gaps to be filled to avoid new disasters,
  • Collect intrusion patterns into the system (evidence, traceability).
  • Text Hover
Increase and manage the security of your Information Systems

Continuous improvement in the fundamentals of the security of the IT organization. Proposing a framework of security and governance, while bringing assistance to their establishment, these are the missions of the Security Officer, while contributing to the establishment of a high level of security, sustainable over time.

Under the form of a contractual framework for security or through punctual assignments, we accompany you on :
  • Advisory – Security assessment/diagnostic
  • Drafting and Implementation of IT Security Policies / Information Security Management Systems (ISMS) / Security Strategy
  • Drafting normative framework: Charter (User/Admin), awareness materials,…
  • Security and risk management (BIA, BCP, DRP) (pilot cybersecurity by risk management)
  • EBIOS risk analysis
  • IT Security PROJECT Management (embedding security into an IT Project)
  • Security by Design
  • Design and review of BCP/DRP
We propose to embrace the role of CISO. A senior security consultant regularly working within customer premises in order to drive all of the tasks necessary for the establishment of a high level of security, sustainable in time, working closely with client teams.
  • Text Hover
Monitor the security of your IS (SECaaS)

Regularly assess company exposed systems to vulnerabilities scan, allows you to discover, like a pirate, the flaws and weaknesses of the systems and perform the necessary security updates. Similarly, collect, centralize, identify security events, and correlate can detect attack patterns on the IT environment.

Monitoring is essential to effectively control the security of the IT environment.

The vulnerability scans are made periodically using professional tools, external and/or internal systems. They allow to :
  • Prevent and discover the appearance of new vulnerabilities,
  • Be proactive in the update and the security of its systems,
  • Monitor the exposure and reduce attack surface.
The security of the information systems requires attention and vigilance at all times: Monitor ongoing attacks, be informed of the latest vulnerabilities,… are required to ensure the security of the information system. The SIEM is the tool that allows to collect security events and to provide dashboards in order to have insights on malicious activity.
  • Text Hover
Raising awareness and training staff

Last “bulwark” of security, and particularly for ‘phishing’ attacks or “Nigerian scam”, the user must be aware and informed of the potential Information Security Risks affecting the organization in order to adopt good behavior and good security habits. The goal is to make your employees the strong link within the security chain.

To sensitize the user to risks and threats exposing the company we have developed interactive security awareness courses. E-Learning modules allow you to navigate with ease through the 360Learning platform.
The game “Keep an Eye Out” places the user in a situation in a fun and realistic environment. He will be the watchguard of the game character, to advise him on his behavior in situations on taking the right security decision..
We host training awareness sessions to groups of users to understand the risks and threats and have the right reflexes in security and organize communication (posters, newsletters…) throughout the campaign.
To test the reaction of the life-size users, we realize in agreement with the client a controlled phishing campaign to obtain opening statistics, click on link or seizure of fraudulent forms on the part of users.