Today, a good Cybersecurity strategy has become one of the central axes for the healthy development of companies.
Understanding the risks businesses face today is our specialty. We are committed to safeguarding one of the most precious assets for our business partners, information.
Clarico-Image-Text

vulnerability scan



The Vulnerability Analysis is a test that is carried out on the technological services of the organization (in the facilities and in the Cloud), through the use of some tools, which aim to detect known vulnerabilities, internal and / or external, to report them under standards like CVE. (Common vulnerabilities and exposures).

Service Activities

Collection and enumeration of information

Vulnerability scan
- Operating system
- Web services

Analysis of the information collected

Additional exams
- Wireless networks
- Databases
- Applications

Remediation (if applicable)

Validation (new test)



pentesting



These are automatic or manual tests, which allow us to exploit the vulnerabilities found to determine their veracity. It is a systematic process, in different modalities (Black, Gray or White Box), in which methodologies such as OSSTMM, ISAF, OWASP, among others, or proprietary methodologies such as the EC-Council's LPT or the PCI-DSS are opened.

Service Activities

MANUAL exploitation of vulnerabilities reported by previous analyzes
- Use of variants, parameters, modifications

Findings in a technical and executive report

Remediation (if applicable)

Validation (new test)

Clarico-Text-Image
Clarico-Image-Text

security awareness program (sap)



With this service we seek to provide the institution with the necessary information and tools at all levels, in order to generate security awareness and that each employee becomes a defender of the institution's assets.

Service Activities

It is a service in which we use two elements to educate employees about the correct use and practices of company assets.

Educational and automated platform, where we generate awareness campaigns for employees, with an assisted or autonomous planning and monitoring scheme, for the assigned resources. Delivery of real results, based on an initial evaluation and one after the launch of these campaigns.

Complementary material with information on Cybersecurity, delivered on site; to reinforce the speech, while the automatic campaign is running. This is accompanied by conferences on topics associated with strengthening institutional security and the safe management of digital assets.