We offer services focused on mitigating Information Security Risks in the areas of Confidentiality, Availability and Integrity.
We have a practical vision of Information Security Management. We rely on services limited in time and budget that offer quick-wins to our clients so that they can rationalize investments and accelerate the implementation of necessary corrective measures.
Confidentiality: Ethical hacking, Intrusion Test, Access Control, Security Audits, safe code analysis.
Availability: contingency plan, BIAs, PCNs.
Legality: adjustments to the LOPD, LSSI advice.
Normative: gap analysis with respect to ISO 27001, ISMS.
Security audits should contribute to improving the robustness of systems and applications against possible attacks and intentional misuses.
Within our security area of ToBeIT we perform technical security audits in its various modalities. We organize the audits in phases, through which, and among other activities, we evaluate the possibility of penetration in the systems analyzing the vulnerabilities as a whole; we check the security of the network and the devices; we analyze the resistance against a malicious attack of the applications, of their possible intentional misuses and of the robustness of passwords; we check the vulnerabilities of the code; etc.
We carry out the following types of technical audits:
Technical Perimeter Security Audit
Internal Security Technical Audit
Security Technical Audit of Wifi devices
Access Security Technical Audit
Technical Security Audit of Web Applications
At the end of the technical safety analysis, we delivered two reports: one with the technical vision (describing the process followed) and another, the audit report including the vulnerabilities found (classified by levels of risk), the possible corrective measures and a proposed action plan.
Additionally, we always propose a workshop to present results for the attendees that the client requires (CIO, CISO, CTO, CEO, DG).