CYBERSECURITY
FOR EVERYONE.
WITHOUT COMPROMISES.
AUDITS & TESTS
Methods of verification of your security level.
Penetration tests
Simulation of attacks on IT infrastructure allows detecting its weaknesses, which are possible cyber attack vectors. An additional advantage of the test is the possibility of conducting an attack from 'on-site', where we test the security layer from the physical side - simulating a physical attack on the infrastructure. Critical input vectors, which pose a current threat to the security of the tested entity, are immediately forwarded to the commissioning party, before the report is submitted.
LAN / WLAN networks:
The LAN / WLAN penetration test is security verification. During the execution, the following elements are checked:
  • WiFi security,
  • Performance of NAC systems
  • Resistance to spoofing
  • Sociotechnics using WiFi.
How we work:
All tests are performed in accordance with the PTES methodology. We use both automation tools and manual work performed on the basis of the found issues. Possible false-positive are verified and re-tested if necessary. The final result is a report containing all the issues found during the tests, described in a straightforward form along with their documentation.
IT security audits
Thorough verification of the state of security against the adopted standards and security policies defines the level of resistance of the examined resources to potential threats. Each of the audited elements is checked for external and internal security. There is also an inspection of the way data is transmitted and encrypted, as well as its recording.
Audit of IT/OT/IoT devices
Diagnosis of IT, OT (ICS/SCADA) and IoT devices with respect to security, communication and information transmission. We detect known vulnerabilities in Embedded Systems as well as new and unknown zero-day vulnerabilities.
Hardware:
To analyze the physical devices, we use:
  • UART/Serial Access,
  • Debugging JTAG,
  • Memory dump via SPI port,
  • Chip-off and memory chip analysis.
Software:
The security of the system and application layer is tested by:
  • Man-in-The-Middle attacks,
  • Fuzzing of available endpoints (by REST API),
  • Fuzzing of available endpoints (with REST API),,
  • Logical attack attempts.
Mobile application audits
We test mobile applications for available systems (Android / iOS), their combined elements such as API communication, automatic protocols.
Web application audits
Security verification of websites, as well as REST APIs, data transmission and storage of information sent by related systems.
CYBERSECURITY
Cyber-security in your hands.
Computer Forensics
DFIR action in cases of suspicion of current and past events such as employee disloyalty, fraud, network hacking, leakage, theft, data destruction and other IT incidents.
Data Recovery
We provide professional services of recovery and analysis of data from electronic data carriers. We deal with the recovery of data resulting from physical causes (fall, flooding, electrical overvoltage, degradation), logical (file saving error, loss of integrity, viruses or intentional damage), as well as those lost as a result of Ransomware attacks.
We recover data from storage media:
  • hard disks, including those from portable computers
  • memory cards
  • CDs , DVDs
  • Android/iOS smartphones (records of SMS, mms, instant messaging, e-mail, location and data files) and their analysis.
We retrieve data from operating systems:
  • Microsoft
  • Unix
  • Linux
  • MacOS.
Threat Hunting
The process of searching for existing threats in the IT infrastructure environment, as well as artifacts proving their previous occurrence. The search is supported by public and private IOCs.
Incident Response
Incident response is a structured approach to solving security breaches or a cyber-attack and its management, also known as a IT, computer or security incident. The aim is to deal with the situation in a way that reduces damage and decreases recovery time and costs.
OTHER SERVICES
Everything else that's security related.
IT security training
At a time when man is often the weakest link in an organisation's security chain, education of employees is extremely important. Our company offers IT security training to familiarize with good practices and methods of cybersecurity protection. There will be also a demonstration of real scenarios of attacks on the company, its infrastructure and employees using modern tools and techniques.
Cyber & Due Diligence
To subject a company to comprehensive, multifaceted analysis of its commercial, financial, legal, fiscal, and cyber-security health. Due diligence is aimed at a detailed assessment of the current situation of the enterprise and the identification of the existing and potential risks associated with the planned capital transaction (e.g. merger, acquisition, spin-off or sale of an organized part of the enterprise).
Non-standard services
We are eager to take on new challenges in the field of security and everything associated with it. Do you have a very unusual problem or an interesting idea? We will be happy to hear about it and help you solve it or to implement it!

You haven't found the service you are interested in?

Please contact us!

Go to top