Cyber security
Cyber security is the application of technologies and processes to protect systems, networks, devices and data from cyber attacks. The main purpose is to reduce the risk of such attacks, and to protect against unauthorized exploitation.

Why is cybersecurity important?

Cyber attacks are a way to get big money

These attacks are financially motivated most of the time. Incentives can also be political, ethical or social.

The costs of cyber security breaches are rising

General data protection regulation (GDPR) laws can have high repercussions due to their breach due to low security. The negative non-financial effects that can tarnish an organization’s image must also be considered.

Cyber attacks are becoming more and more sophisticated

These attacks have a very fast level of development, making security difficult. Advanced tactics are used, which extend in variety.

Our work in security, step by step

1. Network perimeter testing

A very important first step, in which ethical hackers aim to discover the information that can be obtained by potential attackers. Internal threats such as dissatisfied customers, suppliers, partners or even employees are also brought to the surface.

To understand the severity of an attack, here are some examples of what we can reveal:

  • Company details
  • Illegally obtained databases
  • Personal and contact information of employees and company leaders
  • Publicly exposed company information, such as domain names or IP addresses
  • Possibility of capturing data as it travels through the network
  • Documenting and segmenting network components

In order to analyze the potential of these attacks, the vulnerabilities are completely scanned, the results are filtered, and a simulation of the scenario in case of attack is created.

Mobile:

In the pentesting process we also target mobile devices, especially applications used in the company. The testing is equally rigorous, paying close attention to all applications, both the most frequently used and the least frequently accessed.

Our main goal is to educate the client in the field of security. It is essential to recognize the risks you face when introducing mobile devices into your business. Together we can find solutions for the most effective protection.

2. Pentesting for applications

Web:

As the applications usage increases, so does the risk of attack. Therefore, it is important to detect their vulnerabilities by using a security audit.
This step requires a lot of detail, so we do a thorough code review. This identifies exactly the steps needed to improve the code to prevent any security attack.
Such an analysis is critical in preventing attackers from gaining access to the company’s confidential information, which it may later disclose to the public.
Issues that may occur in web applications:

  • SQL injection
  • Cross-site scripting
  • Poor encryption
  • Unprotected authentication

Mobile:

In the pentesting process we also target mobile devices, especially applications used in the company. The testing is equally rigorous, paying close attention to all applications, both the most frequently used and the least frequently accessed.

Our main goal is to educate the client in the field of security. It is essential to recognize the risks you face when introducing mobile devices into your business. Together we can find solutions for the most effective protection.

3. Pentesting for wireless networks

Another vulnerable area are wireless networks, which we deal with at any pentesting. We want to know how safe they are, this being explained to the client together with the presentation of the analysis results and indications.

Any system connected via wireless will receive the same analysis to know their security when transiting these networks.

A vulnerability is caused by the use of an unsafe wireless network by an employee on the company’s phone, or by an incorrect network configuration, which can allow attackers to access the wireless network from a considerable distance.

4. Pentesting for IoT

IoT – Internet of Things devices are used in companies and include sensors, software, elements that are constantly connected and exchange data. It is very important to determine their level of security, and whether the data can go through these systems in a private and secure way.

The evaluation of these devices includes:

  • Firmware operation, which is integrated
  • Controlling devices by injecting malicious commands
  • Modification of data sent by these devices

What we want to achieve is the understanding of the security standard of the company, and verifying the legitimacy of the information and orders issued by these devices.

5. Testing the ability to deal with DDoS and DoS attacks

DDoS and DoS attacks are designed to disable security measures and put offline sites used by a large population.

Thus, as part of pentesting, we check whether your network and its components are facing such attacks. We also evaluate anti-DDoS measures and solutions to see if the network architecture can withstand such overload.

6. Pentesting for PCI DSS

Payment Card Industry Data Security Standard was created to ensure the security of at least one level of cards used by customers. The importance of testing vulnerabilities in this case is self-evident. Our security experts simulate attacks to exploit vulnerabilities that are sometimes overlooked by automated tools.

Due to the frequent attacks of this kind, it was necessary legal contexts that oblige all companies that work with card data at least once, or twice a year. Such tests can be Segmentation Testing, Vulnerability Assessment and Penetration Testing.

7. Pentesting for Norma 4 / ASF 2018

The abbreviation for FSA comes from the Financial Supervisory Authority. They have created a regulation that requires insurance companies to do pentesting to confirm the correct use of security rules.

We have the knowledge and training to provide cyber security services. These can be:

    • Plans for recovery from attacks, and improved security and functionality
    • 24/7/365 monitoring to ensure, track and identify attacks effectively.
    • Plans to prevent data loss and leakage
    • Risk assessments
    • Risk management
    • Improving and creating processes to ensure that the organization meets cybersecurity standards

Services

Hardware
Development

In this segment of technology, we rely on the actual construction of prototypes for security.

Networking and robotics

Our company offers indoor or street car park management services. This is essential, given the steady increase in the number of cars that require well-developed logistics.

Custom cloud
services

Our company offers cloud servers, customized with security included and backup solutions for cyber attacks. How do cloud services work?

Scroll to Top