Security evaluation & auditing

  • Global security audit

A global security audit is composed of global reporting including of multiple services :

* Evaluation of the strategy, governance and architecture

* Evaluation of the exploitation of all ICT components (such as servers image, antivirus, network components, security baselines,..) and operational aspects (processes, compliance, ISO27001, NIST ; SANS..)

* Evaluation of the physical security

* Pentest from a corporate pc running on the corporate network.

* Vulnerabilty assessement of your networks (interne & externe)

* Pentest of your websites and other critical web applications

* Evaluation of the quality of your firewall rules

 

  • Appliations &web app pentests

To validate the level of security of your web application, we pentest your web application and we deliver your a report with our findings.

We will are searching for all the most common flaws (such as OWASP Top 10).
We can pentest your website, your intranet, your mobile app (android, ios) or your extranet and B2B infrastructures (such as webservices API).

 

  • Infrastructure pentest

To validate the level of security of your infrastructure, datacenter on premise or cloud environement,we pentest these assets and we deliver your a report with our findings and a remediation plan.

Multiple infrastructure pentests or vulnerability assessments can be organized :

  • Vulnerability assessment of your internal networks (user network, datacenter, DMZ, VoIP network,..). We are discovering the network and we report you the presence of vulnerable assets (unpatched server, misconfigured services,.)
  • Vulnerability assessment of your external networks (DMZ, Internet facing, email infrastructure or implementation,..). We are discovering the network and we report you the presence of vulnerable assets (unpatched server, misconfigured services,.)
  • Pentest your WiFi infrastructure : Is your wireless environment secure enough ? Is a guest connected to the Guest WiFi able to access my internal network ?
  • Pentest other infrastructure component such as a IP PBX, a SSL VPN solution, a network connectivity to a partner or to the extranet, a BYOD environement, security camera environment,..

 

  • Firewall rules set quality evaluation

We audit your firewall rulebases, evaluate the potential gap with the best practices, to your internal policie and we deliver you a report.

 

  • Social engineering test and simulation

We simulate a social engineering attack to test and evaluate how your employees react, how your ICT staff react (incident response) and what is the level of security awareness in your company.

 

  • Detect spy cameras and spy micros

If you are worried about the presence of spy cameras or spy micros in your offices, cars, meeting rooms,.. we can organize a « sweeping » to research potentially hidden cameras or hidden micros which are spying your staff at every moment.