Infrastructure security tests
Internet contact tests
Thanks to the test, you will find out how sensitive your organization is to attempts to access internal resources from the Internet, whether it is possible at all, and whether it is possible to disable services available at the interface between your network and the Internet.
LAN network tests
Local Area Network (LAN) security tests are a key element of the security strategy, because on their basis you will learn how to protect the network against the identified and most common threats.
Wireless network tests
The purpose of the test is to detect anomalies in order to determine the risks resulting from the possibility of obtaining data in an unauthorized manner, the authorization security measures used, the desired network coverage, power and characteristics of signal propagation, quality and stability of data transfer.
Device tests network
Thanks to the test, you will learn how resistant each of the devices we verify is to unauthorized attempts to obtain information. For verification, we use fuzzing techniques as well as manual and automatic methods of breaking security. In addition, we will tell you how to seal the configuration.
Active Directory / LDAP tests
The tests are designed to identify weaknesses in the configuration and distribution of business rules. An important element is the review of the security of servers maintaining AD / LDAP in terms of accessibility and protection of user data (including personal data breaches - GDPR).
Firewall tests (firewall, UTM)
The tests consist in examining the effectiveness of devices used to protect and filter traffic. As we expect the highest efficiency of these devices, their configuration is crucial in order to ensure an adequate level of security in terms of traffic filtering, efficiency and the correctness of business rules.
We verify compliance with the National Interoperability Framework
Passwords used tests
The purpose of the tests is to identify and eliminate weaknesses in the field of passwords used. Despite the adopted password policy, users often use password management procedures in accordance with the adopted scheme, which, although meeting the organization's security policy, are easy to guess. We detect and eliminate such weaknesses of passwords and bad habits of people.
Antiviruses are widely used, but most of us do not check how effective they are when choosing them. Sometimes it happens that we only rely on a ranking that we have to believe. We verify the effectiveness of the antivirus by generating thousands of crafted malware samples and test the effectiveness of a given antivirus in detecting them and dealing with code obfuscation techniques.
Hardening services consist in the verification of many different elements of the infrastructure: network equipment, servers, operating systems, system and network services in order to increase the resistance to attacks through personalized, advanced configuration focused on the maximum level of security of a given element.