Security

The areas of action of our security consulting services are:

  • Confidentiality: Ethical hacking, Intrusion Test, Access Control, Security Audits, safe code analysis.
  • Availability: contingency plan, BIAs, PCNs.
  • Legality: adjustments to the LOPD, LSSI advice.
  • Normative: gap analysis with respect to ISO 27001, ISMS.

As partners of Micro Focus and Sophos we can supply, implement, maintain and support the implementation of their respective products.

We have a practical vision of Information Security Management. We rely on services limited on time and budget that offer quick-wins to our clients so that they can rationalize investments and accelerate the implementation of necessary corrective measures.

MORE INFORMATION

Pen Testing – Ethical hacking

Security audits should contribute to improving the robustness of systems and applications against possible attacks and intentional misuses.

Within our security area of ToBeIT we perform technical security audits in its various modalities. We organize the audits in phases, through which, and among other activities, we evaluate the possibility of penetration in the systems analyzing the vulnerabilities as a whole; we check the security of the network and the devices; we analyze the resistance against a malicious attack of the applications, of their possible intentional misuses and of the robustness of passwords; we check the vulnerabilities of the code; etc.

We carry out the following types of technical audits:

  • Technical Perimeter Security Audit
  • Internal Security Technical Audit
  • Security Technical Audit of Wifi devices
  • Access Security Technical Audit
  • Technical Security Audit of Web Applications
At the end of the technical safety analysis, we deliver two reports: one with the technical vision (describing the process followed) and another, the audit report including the vulnerabilities found (classified by levels of risk), the possible corrective measures and a proposed action plan.

Additionally, we always propose a workshop to present results for the attendees that the client requires (CIO, CISO, CTO, CEO, DG).

Request information without commitment
By submitting the application you accept the conditions of the legal notice