Flexible threat assessment & security incident management
Manage cyber threats thanks to our advanced expertise delivered in service mode.
We cover five main areas:
• Advanced Mass Forensics
• Reverse Engineering
• Penetration Test
• Incident Response
• Cyber Consulting
24/7 global support through all stages of the incident response process
Ensure the protection of your most sensitive infrastructures and data with our incident response service.
We support you at each step of an Incident Response: detection, containment, reconstruction and crisis management, while respecting your operational constraints.
Our solution offers you a service of distant investigation and qualification of your incidents and an immediate reactivity. We offer you an international 24/7 service of containment and then restoration of systems by our European teams of CSIRT experts.
We also help you once the crisis is under control to rehabilitate and improve the protection in place, with the development of a tailor-made strategy.
High-grade and automated digital forensics
During a classic computer Forensic capture and investigation, our experts concentrate their analysis on disks, logs, networks and mobiles.
In case of Incident Response or legal procedure, our team supports you during the different phases.
• Processing and analysis of information on digital media provided by customer
• Analysis of the customer’s infrastructure events timeline to detect signs of compromising
• Restoration of the events history in accordance with legal requirements
After remediation and restoration, our complementary services will help increase your security.
Assess the technical protection of your critical assets
Preparation and execution of technical audits and high-grade custom penetration tests in accordance with your environment and needs.
Our expertise focuses on SCADA infrastructure pen testing, APT threat simulation, and defence assistance.
We offer three possibilities of penetration testing :
- Black-box: the auditors will not be given any knowledge about the audited asset or group of assets so as to place themselves in the position of a malicious third-party
- Grey box: the auditors will be given the knowledge of a legitimate user (e.g. valid credentials) so as to place themselves in the position of a malicious user or a third-party that could get this information through a first successful attack
- White box: to fully assess the risks of escalation and propagation, the auditors will be given all the knowledge they need (e.g. source codes and configurations) so as to place themselves in the position of a malicious third-party or user that has already compromised part or the entire asset or group of assets
The audited asset, or group of assets, can include one or more of the following:
- Hardened system
- Private network
- Public address
- Web, mobile and native application
- Contactless access control systems
- PMR infrastructure