• bullet Infrastructure (AEX, AII, TIE, TII, WIR, WEB, Cloud, APW, Physical)
  • bullet Users (Public information, Phishing, CAU, Management, Awareness)
  • bullet Policies and Procedures
  • bullet Training

Evaluate the actual state of security, based on the ability of the organization to prevent, detect, track and respond to attacks.

Evaluation is based on the following variables:

  • bullet Quantifiable and Comprehensive
  • bullet Valid over time
  • bullet Performed under a methodological framework that allows observation of progress
  • bullet In accordance to current laws
  • bullet Minimizing the impact on infrastructure and avoiding any evidence that could jeopardize the availability or performance of the service provided
cuadrados

 

TECHNICAL AUDITS

  • bullet Penetration Test (PenTest)
  • bullet External and Internal Security
  • bullet VPN
  • bullet Web Applications (Black Box and White Box)
  • bullet Code Audits
  • bullet Mobility Environments
  • bullet Network Architecture
  • bullet Securing devices
  • bullet WorkStation (Hits, Climbing privileges, UserDB, shares ...)
  • bullet Virtualization (Servers, Desktop, Networks)
security

 

PHYSICAL

Supported by the standard TIA-942:2005 and ISO 27002, as well as the current adjustment we will audit:

  • bullet Conditioning
  • bullet Intruder alarm systems
  • bullet Unauthorized physical connection to the networks
  • bullet Recording and Monitoring Systems
  • bullet Electrical, SAIS and Generators
  • bullet Communications
  • bullet Environmental Control
  • bullet Energy Efficiency
fisica

 

INDIVIDUALS

Carrying out social engineering attacks by highly qualified personnel, to obtain sensitive information, credentials, unlawful creation of users, etc.. Among other tasks:

  • bullet Search of public records
  • bullet Forums and Social Networking
  • bullet User Support Center
  • bullet Spear Phishing
  • bullet Using decoy devices infected with malicious code
  • bullet Training sessions and awareness at all levels
personas

 

PROCEDURES

Our services are designed to ensure compliance with legislation, regulations and applicable security standards.

  • bullet Preparation of the regulatory body of information security
  • bullet Defining an Awareness Plan
  • bullet Risk analysis
  • bullet Computer Contingency Plan
  • bullet Business Continuity Plan.
  • bullet Comprehensive Security Plan
procesos

logo Sekura

 

© 2016 SEKURA / All Rights Reserved.
Disclaimer - Sitemap.