Services

INFORMATICS AND INFORMATION SECURITY CONSULTING

The members of our team have 15-20 years of experience in IT-security, system integration, architecting and development. Thanks to our complex knowledge we provide you the comprehensive IT-security service from ethic hacking to auditing. We have up-to-date knowledge of operating systems, networks and development technologies.

How do we work?

IDENTIFICATION >

DEFENSE >

PERCEPTION >

RESPONSE >

RECOVERY

SERVICES

ETHIC HACK (BLACK-BOXING AND GRAY-BOXING)

We carry out a targeted IT attack on the system under investigation from the Internet or the internal network. We try to crack that system in a way that makes us real attackers. We record the mode of the attack and its results step by step, revealing the weak points of the system. A detailed report is prepared on the process, detailing the security vulnerabilities found and proposing improvements.

Vulnerability testing on servers, network and mobile devices

We use automated and “manual” procedures to assess the security level and vulnerability of servers, network and mobile devices. We prepare a summary report on the vulnerabilities, in which the security vulnerabilities found are grouped according to their severity, and a proposal is made for their solution.

 

Vulnerability testing of technological systems

Vulnerability testing of a company’s technological system, which includes the following activities:

  • Situation exploration: mapping the structure and operation of network infrastructure and services.
  • Inspection: a study of the operating conditions and behavior of a network system.
  • Vulnerability testing: examination of the network of technological systems used by a given company. During the investigation, we discover the internal vulnerabilities of the given technology network, separately examining the servers and the systems running on the servers, as well as the components of other technological devices. Knowing the results of the performed tests, the company gets an objective picture of the current security level of the technological systems and possible shortcomings.

Hardening (IT and technológiai)

Based on the results of the ethical hack and vulnerability test, we propose or make changes to the system, supplemented by information from a “manual” survey of the system and consultation with its operators. As a result of this process, the security level of the system is significantly increased.

Social engineering

Non-technological type intrusion attempt into the examined system or systems. With the method of psychological manipulation, we try to obtain information from the given target group or target person with which we can gain access to the system or facilitate access to the methods by technology. We explore the vulnerabilities inherent in the human factor and, in the form of a report, propose changes to the necessary IT security policies and, if required, make proposals on the IT security topics to be taught.

Source code auditing

Having the source code, we examine the application from an IT security perspective. We will examine whether it contains so-called a backdoor, or a design or programming error that may pose a security risk, and we suggest correcting them. We have competence and reference in both the development and auditing of technological systems.

Our ratings

N

Certified in Risk and Information Systems Control (CRISC)

N

Certified Information Security Manager (CISM)

N

Certified Information Systems Auditor (CISA

N

ITIL v3 Foundation

N

ISO 27001:2005 Information security inside auditor

N

Certified Cisco Systems Instructor (CCSI)

N

Cisco Certified Network Associate (CCNA)

N

Microsoft Certified Systems Administrator (MCSA)

N

Microsoft Certified Technology Specialist (MCTS)

ouratings Lillyneir

Technologies in use

N

BurpSuite

N

Tenable Nessus

N

IDA Pro

N

Arachni

N

Nmap

N

Nexpose

N

OpenVAS

N

Titania Nipper

Technologies in use