Make sure that your internal network, application, or IoT object is protected against cyberattacks
Benefit from our expertise all year round and review your internal system's defences.
SME and startups in the early stages of their security process.
Monthly custom support duration varies, we recommend 1h to 3h.
Example support:
Please refer to the "Internal Audit" section in "Single audits" for more information about the included technical review.
Benefit from our expertise all year round and test all your processes, defences and employees in an attack simulation.
Companies who want to challenge their security efforts against a real attack scenario and push their defences to the next level.
Monthly custom support duration varies, we recommend 1h to 3h.
Example support:
Please refer to the "Red Team" section in "Single audits" for more information about the included technical review.
Train 1 to 3 employees in performing an IT security audit.
Companies with an internal IT department composed of at least one person.
The participant(s) must master the target information system and also have a minimum of IT knowledge (examples: network, system administration, etc.).
Made entirely on site, at the customer's premises.
The training consists in carrying out a complete audit of the information system of the client company, from its planning to the transmission of the written audit report.
Training participants learn how to conduct an audit by carrying it out themselves, while being accompanied by one of our experienced auditors.
We recommend that trainees put into practice their new skills with each major system change or periodically.
This audit performed independently internally does not entirely replace audits carried out by experienced external service providers.
Attack simulation where employees, tools and processes are tested in a real but controlled scenario.
Companies with a minimum of maturity in information systems security (awareness, deployment of security tools,...).
The auditor puts himself in the shoes of an external attacker and
begins his penetration test with as little information as possible about his target (black box).
This format includes:
Intrusion simulation using the compromised employee model (e.g. weak or leaked password).
Any company with an internal information system.
This type of audit enables to concentrate the tests on elements of the system already identified: the ones most at risk, the most critical ones and those accessible internally.
This format includes:
Tailor-made research projects allowing in-depth analysis of security functions and vulnerabilities. Check our Blog!
The kind of information that is typically obtained is of the following nature:
Internal and external attacks on applications to highlight vulnerabilities.
Companies developing their own web and/or android applications.
We use the OWASP methodology for such audits, utilizing industry standard tools like BurpSuite and SQLMap, but also custom programs we designed for specific tasks.
For Android, we use rooted devices to check for vulnerabilities over network protocols, as well as local attacks (code exploits, permissions, sensitive logs).
Aettos Top 5:
Let's discuss the security of your internal system, application, website or IoT object!
Send us an email!
contact (at) aettos.com
Book a call with us
Select your preferred date and time and book your call
