Knowledge on the current state of IT security is of key importance for each organisation. But no installation or programme is 100% safe. Only when we know potential sources of threats and can properly assess the risk, are we able to initiate suitable steps in order minimise the danger that confidentiality or integrity of information is violated or its availability limited.
The question of IT security is important not only for the users of a particular IT system but also for managements of companies that apply these systems and that may have invested substantial money in order to increase IT security, and, as we know, such investments do not bring immediate tangible profits. In order to reliably answer the question about the security level of a given IT system, it is necessary to conduct an IT security assessment.
Our company provides services in IT security assessment, helping to evaluate the security of IT installations and data processed by them. We conduct integrated IT security audits as well as specialist technical analyses – penetration tests and configuration overviews.
-
Verification of security controls with penetration tests, i.e. simulated attempts to break through the controls. The tests are aimed at identification of gaps (vulnerabilities) that could be used by potential intruders.
more
-
Web applications are a weak point of current IT systems. One of the solutions allowing to reduce the risk is checking your applications’ security before somebody unauthorised does that. As the first step we propose security tests.
more
-
Configuration overview of respective system components, such as: web servers, application servers, database servers, firewalls, routers, IDS/IPS. etc
more
-
IT security audits and assessments. We analyse formal security aspects (procedures, security policy, risk management) as well as technical aspects (severs, networks, workstations, physical security, etc.)
more
-
A part of a full security audit, for Clients who want to assess only technical issues, without looking into formal aspects.
more
-
Assessment limited to formal issues, such as procedures and documentation related to IT security.
more
-
Verification whether data processing (especially security controls) complies with the provisions of the Act on the Protection of Personal Data and related secondary legislation.
more