Description

The information systems of a Company are exposed to vulnerabilities that may pose a risk in IT assets at the level of availability, integrity and confidentiality with the consequent impact on the operation of the business.

Objective

Detect vulnerable vectors in the organization, whether external or internal, and as a result, take corrective measures to avoid intrusions, thereby raising the level of security of the IT assets involved.

  • Secure FootPrint
  • External Audit (Pentesting)
  • Internal Audit

Benefits

Have a real view on the level of security.

  • Vulnerabilities detected
  • Level of impact in the organization
  • Risk mitigation measures

At the end of the audit, and as a result of this, a report is made with the current situation in detail and the recommendations to be followed.

We offer the possibility of having regular support and monitoring through an Annual Cybersecurity Plan.

Secure Footprint

Companies over time leave their “fingerprint” on the Internet. This footprint includes all the data that a company has published or propagates (documentation, emails, metadata, etc.) outside its domain, as well as the technologies used.

Objective

Through the “Secure FootPrint” audit, information published and available on the Internet is searched to validate the level of existing security.

Depending on the result obtained, an External Audit is carried out.

Benefits

Identification of the security level of the architecture used in the construction of the Company’s web environment.

Report with relevant data regarding the URL or IP:

  • Encryption algorithms, metadata, architecture used, access validation…

It is a non-intrusive analysis (there is no impact on the Company’s infrastructure), since the information is public and accessible through the Internet.

External Audit

In addition to being aware of public and published information, Companies must know the degree of exposure to threats, on which their web services are based.

Objective

  • Identify vulnerabilities of the different services (IP’s, URL’s).
  • Have an overview of the current status of services.

Benefits

  • Know the vulnerabilities that could be likely to be used by any attacker, as well as being aware of the degree of criticality and actions to be taken to mitigate them.

It is an intrusive analysis. For its realization, we rely on:

  • In international standards, mainly OWASP and OSSTMM.
  • In Own Creation Methods and Tools, which allow not only to perform status checks, but to increase the vulnerability detection rate.

Internal Audit

Companies must be aware that the data they use in operations and decision-making are collected and stored in information systems, which are susceptible to attacks, such as ransomware, malware, theft, etc.

Objective

  • Have an overview of the current status of the assets that are part of the information systems.
  • Identify the vulnerabilities of different types of assets.
  • Mitigate the risk associated with the identified vulnerabilities.

Benefits

  • Know the impact of vulnerabilities.
  • Corrective actions on how to mitigate identified vulnerabilities.
  • Recommendations and application of best practices for the security of the assets involved.

It is an intrusive Analysis in which no vulnerability is exploited that jeopardizes the confidentiality, integrity and availability of information systems.

We provide, through our knowledge and good practices, the corrective measures to apply.

Are you interested in this service for your company?

Get in touch with us, solve your doubts or ask us for a personalized quote

Contact