VULNERABILITY ASSESSMENT – Internal and external vulnerability assessment, classification based on exploit priority and availability. Suggested remediation and mitigation Remediation e mitigation suggerite

PENETRATION TEST – Attacks in authenticated and non-authenticated mode aimed at searching for weaknesses of exposed services on the Internet (websites, portals, applications)

CONFIGURATION ANALYSIS – Configuration analysis for areas, technologies and services, looking for configuration errors that can compromise security

INTELLIGENCE REPORT – Search for information on all the available channels referring to the company or its representatives: classification and assumption of malicious use; mitigation

MALWARE ANALYSIS – Malicious payload analysis, in order to determine the origin, propagation strategies and possible damage. Creation of containment, remediation or reaction strategies Creazione di strategie di contenimento, rimedio o risposta

INCIDENT RESPONSE – Firefighting in case of emergency: triage, containment, forensics, remediation, communication support, legal and regulatory aspects

RED TEAMING – Defence stressing with the latest physical and digital attack vectors, with the aid of social engineering and physical access to the assets

NETWORK SECURITY POSTURE ANALYSIS – Corporate cloud topology, strategic choices and configuration analysis, in search for weaknesses

ACTIVE DIRECTORY SECURITY POSTURE – Reproduction of attack scenarios, such as DUMP of the login protection processes and brute force, to show unencrypted passwords; hash extraction and comparison in the Dark Web

ATTACK SURFACE VALUATION – Complete evaluation of the physical, infrastructural and applicative attack surface. Exploitation risk mitigation Mitigazione del rischio di sfruttamento

CODE REVIEW – Application code analysis in DEV-SEC-OPS mode

TOP MANAGEMENT EXPLOSION REPORT – Top management intelligence analysis containing information,habits and possible weaknesses