Thanks to consolidated experience and dynamic and qualified expertise, we implement winning strategies against a high number of cyber threats through identification and neutralisation analysis.
01
VULNERABILITY ASSESSMENT / PENETRATION TEST / Compliance Audit
- Vulnerability Assessment using proprietary and opensource tools to highlight possible vulnerabilities in IT systems
- Penetration Test with an international group of CEH, OSCP OSSMMT-certified penetration testers to emulate the malicious behaviour of attackers in Black Box, White Box, Grey Box modalities.
- Consulting services for procedure verification, assessed in accordance with the main standards and best practices.
- Active and passive compliance audits with analysis and supervision of configuration and architectural statuses based on fundamental standards, such as SOX, ISO27001, PCI, GDPR.
02
Security Code Review
Our experts perform Security Code Reviews in two ways:
- Dynamic analysis – following result validation by the client, Code Reviewers release a report of OWASP non-complying misconfigurations or code sections
- Static analysis - through Appscan/Application Inspector/Microfocus Fortify on PHP, JAVA, C, C# codes followed by Patch Develop report creation
At the end of the procedure, reports are drafted listing vulnerabilities and security levels met with detailed classifications and possible corrective measures.
03
Security Application Developer
Our team of experts is specialised in anti-ransomware and anti-malware software development in the military and institutional fields and in the development of web applications in the area of security.
04
Soc Service
We offer Security Operation Center services with the following Analysis levels:
- First-level analysts – Monitoring, Incident Management and Front End
- Second-level analysts – In close collaboration with First-level analysts, they carry out malware analysis and countermeasure application activity analysis to block attacker IP addresses
The procedure ends with real-time monitoring through correlation activities in order to identify systemic critical points. This service enables the client to identify what is happening inside the network and recognise an IT attack from the onset.
05
OSINT Investigations – Open Source Intelligence
We carry out OSINT investigation activities following security incidents relating to institutional and military entities.
Our team of OSINT analysts operates using proprietary and opensource tools. Thanks to the OSINT Report, the client can have a full and detailed overview of the tests carried out and validated.
06
DIGITAL FORENSIC INVESTIGATION
Our technical experts are specialised in corporate security incident investigations.
These activities are carried out in two ways:
- Active: through the use of proprietary tools supported by forensic team analysis
- Passive: through open source tools
07
Malware Analysis
We analyse malicious Payload following security incidents regarding institutional and military entities, developing a deep understanding of tools and tactics used by attackers and proactively adopting prevention strategies.
The client receives a final report to extrapolate the IOC (Indicators of compromise) to apply in its infrastructure with Block countermeasures.