- Comprehensive security analysis including network infrastructure elements and user stations in physical and virtual environments. The service is supplemented by mapping of organisational perimeter and risk qualification.
- Dynamic and static “web and non-web” tests of applications, supplemented by penetration tests
- Comprehensive risk analysis based on the visibility of the organisation within the Internet and risk qualification regarding attacks and data leaks via social engineering methods
Individual audit phases:
- Preparation and planning, i.e., defining an extent, goal and collaboration requirements
- collection of data and information, i.e., including activity identification, communication and cooperation with employees, technical measurements...
- Analysis of information and data, resulting in setting and categorisation of risks, proposition of measures
- Protection of data and company know-how from misuse
- Effective utilisation of investments into IS
- Protection of the good name and trust reinforcement for the company
- Legislative requirements met