Penetration testing simulates a real hacking attack in a controlled manner, and represents itself the most reliable way to ensure effectiveness of the information security controls. Our penetration test is tailored to specifics of each client and conducted in a maximum accurate way to not disturb business process. We are able to perform the test using different methods and on all kinds of infrastructures. Existing exploits are tuned to work inside the customer IT environment and we’re capable to develop new exploits. Our tools are obfuscated to bypass intrusion detection and antimalware solutions.
Information security governance.
According to the modern practices, the information security governance is an essential part of the overall enterprise governance. It ensures risk control, supports realization of business goals and allows to optimize resource spent on data protection. Mature processes and widely recognized information security management system certifications in many cases is a requirement to get trust from customers. Our team is ready to develop and support enterprise information security management system according to the best practices. Our service can contribute to any implementation and certification project which delivers compliance with one of the company level information security certifications: ISO27001, PCI-DSS, SOX, etc.
One of the core processes for any information security management system is the Incident management process. For our clients we can offer a quick and efficient help on any stage of their incident resolution. This includes computer forensics, malware analysis, threat intelligence, system hardening and any other activity regarding incident response, recovery and follow-up steps.
We can provide our competent resources to monitor, support and maintain components of information security architecture, including SEIM, Log management, PKI, IDS/IPS, Identity and access management, DLP, anti-malware, etc. solutions.
As we have many years of expertise in multiple domains of information security we are ready to share this knowledge with our clients. We can offer a range of trainings which cover all aspects of information security: governance, secure software development, vulnerability assessment, awareness, etc.