Today, a good Cybersecurity strategy has become one of the central axes for the healthy development of companies.
Understanding the risks businesses face today is our specialty. We are committed to safeguarding one of the most precious assets for our business partners, information.
Understanding the risks businesses face today is our specialty. We are committed to safeguarding one of the most precious assets for our business partners, information.
vulnerability scan
The Vulnerability Analysis is a test that is carried out on the technological services of the organization (in the facilities and in the Cloud), through the use of some tools, which aim to detect known vulnerabilities, internal and / or external, to report them under standards like CVE. (Common vulnerabilities and exposures).
Service Activities
Collection and enumeration of information
Vulnerability scan
- Operating system
- Web services
Analysis of the information collected
Additional exams
- Wireless networks
- Databases
- Applications
Remediation (if applicable)
Validation (new test)
pentesting
These are automatic or manual tests, which allow us to exploit the vulnerabilities found to determine their veracity. It is a systematic process, in different modalities (Black, Gray or White Box), in which methodologies such as OSSTMM, ISAF, OWASP, among others, or proprietary methodologies such as the EC-Council's LPT or the PCI-DSS are opened.
Service Activities
MANUAL exploitation of vulnerabilities reported by previous analyzes
- Use of variants, parameters, modifications
Findings in a technical and executive report
Remediation (if applicable)
Validation (new test)
security awareness program (sap)
With this service we seek to provide the institution with the necessary information and tools at all levels, in order to generate security awareness and that each employee becomes a defender of the institution's assets.
Service Activities
It is a service in which we use two elements to educate employees about the correct use and practices of company assets.
Educational and automated platform, where we generate awareness campaigns for employees, with an assisted or autonomous planning and monitoring scheme, for the assigned resources. Delivery of real results, based on an initial evaluation and one after the launch of these campaigns.
Complementary material with information on Cybersecurity, delivered on site; to reinforce the speech, while the automatic campaign is running. This is accompanied by conferences on topics associated with strengthening institutional security and the safe management of digital assets.