Koftec
[Where IT performance matters]
Koftec

Security

The objective is to identify potential security problems as well as weaknesses in your infrastructure. The identification of these weak points allows you to set up and refine your security policy, but also to have simple and concise documents in the event of a crisis, allowing you to effectively apprehend any critical situation in a real case.

 

Digital Footprint audit (or Reconnaissance)

Objectives

The goal is to map the attack surface of your business. This is the very first step an attacker takes in order to assess the exact targets. Then, it is possible to reduce your company’s external exposure, and therefore limit the security risks.

Steps

This type of audit is not offensive, and does not involve any attack on your infrastructure. Assuming that an attacker only has the name of your company, we map the visible footprint of your company with this single element.

Security audit

Objectives

Regardless of your business size, the risk of an attack or security incident is real. The objective of the security audit is to help you first assess your company’s ability to protect itself against this type of threat. These security audits are organized around 3 fundamental objectives:

  • Assess the risk to which the company is exposed
  • Identify vulnerabilities
  • Improve the security of your business

Steps

Each Security Audit is tailor made and depending on your business needs, so here are the possible stages of our audits:

  • Define and prepare the audit’s scope
  • Physical and organizational audit
    • Physical: overview of your Information System security
    • Organizational: risk and impact assessment (procedure, organization, incident response)
  • Pentest: Objective is to simulate one or more attacks and assess the damage that can be caused.
  • Report: Results of all the tests (vulnerabilities detected, risks for the company, …), with improvement proposal and securing. While specifying and categorizing the vulnerabilities detected according to their impact on your company as well as the difficulty in exploiting them and the necessary cost for security platforms.

Security organization

  • Define your security strategy, in line with the results obtained during the security audit
  • Advice & assistance on the implementation of security solutions adapted to your needs and use (SIEM, Monitoring, Scan, …)
  • Helping you writing your Security policy and IT Charter
  • Analysis of your security needs