MENU

I

Cyber security services

We are experts in a deep manual security testing, a simulation of various attack types (RED TEAMing), a sensitive data lost detection (Data Lost Detection), services protecting against corporate identity misuse (Take Down Service), ...

We have extensive experience with projects in the penetration testing area and the simulated hacker attacks. Our aim is to become your strategic and long-term partner in order to help you to protect your organization against the sensitive data loss, their misuse and your reputation image harm.

Our security specialists and ethical hackers always use the newest technologies and procedures. Put yourself into our hands and together we secure that both your data and your reputation will be kept safe.

shutterstock_1013026084

ARE YOU INTERESTED IN NON-BINDING CONSULTATION?

Perimeter Network Security

Perimeter protection is nothing new. “The ancient Romans” already new about it. It refers to natural barriers or built fortifications protecting the defenders inside against invaders, or, the other way around, preventing the captives from leaving the area surrounded by it. However, in the days of information technology, it took on a different meaning. Known as Perimeter Network Security, it presents a way the technologies and procedures are set up on the network perimeter ensuring the security of company data and resources.

Best practices in perimeter network protection include, for example, identification of threats, detection whether someone is monitoring your activities or behavioural pattern analysis.

Over the years that we at ComSource have been dedicated to security, we realized that many companies are quite unaware of what services they are really exposing on the Internet. Of course, probably all organizations nowadays protect their network with firewall. Contrary to it, they do not hesitate to expose vulnerable services on the Internet. Which means that you have a palisade, but you are not watching the space in front of it. This way, attackers can easily reach it, climb over it, or even set it on fire!

In addition to that, security specialists in every company are drowning in work. There are dozens of reports about security incidents, suspicious documents and activities, both inside and outside the company, which they must respond to every day. There is not a lot of room left for proactive monitoring of potential dangers. So when an attacker, let's say ransomware, comes, the problem is almost inevitable.

And that is where we, ComSource, come in. We offer you a security service proactively monitoring the company’s network perimeter in regular intervals, searching for possible vulnerabilities, checking whether systems and apps are updated to current versions or detecting any possible changes.

How the service works?

Network perimeter protection is offered in various scopes and variants, depending on your company’s needs. In principle, our specialists are aiming to create procedures securing your systems on the perimeter of your network, thus preventing the threats from getting inside.

Ochrana_Perimetru_AJ 700

As it is evident from the picture, you can imagine us as a security patrol walking around the fortress in regular intervals and watching for anything that moves. We will support your security specialists by searching actively for threats and informing them in time if any appear.

You can choose from the set of following basic activities in our services. There are several levels:

  • Perimeter change monitoring
    • ports, SSL certificates and new services monitoring,
    • check for apps and systems updates,
    • identification of harmful services,
    • various intervals, as needed (1 per week, 1 per month, 1 per quarter etc.).
  • Vulnerability Assessment
    • definition, identification, classification and prioritization of vulnerabilities,
    • zero day attacks detection.
  • CSIRT Security bulletins
    • Monitoring security and technical information about important issues regularly published by vendors. This service significantly lowers the risk due to timely reports on the server vulnerabilities.
  • NetFlow
    • Collection and analysis of data on used ports, protocols and entire data flow with powerful tools.

Based on this active monitoring, or in case there is a security incident detected, our experts create a Service Desk ticket informing the customer about the nature of the incident and its priority, including the recommended course of action.

In order to set up the service correctly, we have to know how vast is your company network perimeter (i.e. the public extent of IP addresses). Also, what services exposed on the Internet there are in the network, important access points, certificates etc. Resolution of the issue/incident as such is not included in the service, however, we will be pleased to provide it for you upon the conclusion of a framework agreement on the provision of security services.

If you have realized just now that the number of your “advanced patrols” is quite limited, or that you do not have any, be sure to contact us. Let’s assess your situation together and then let’s configure the service in a way that will ensure that nothing and nobody can easily get to your palisade.

RED TEAMING and PENETRATION TESTING

Our key products in the area of cyber security are the RED TEAMing and the penetration testing. It is not the one and the same, yet it appears to be.

What is the difference between RED TEAMING and PENETRATION TESTING?

  • Contrary to the penetration testing where one isolated area is tested deeply targeted (e.g. your network or your application), the RED TEAMing means a complex company security and a resilience testing.
  • The target of the penetration testing is to gain a list with the highest amount of vulnerabilities in the targeted area or technology. The RED TEAM searches for the most efficient way to penetrate inside your company to show you all the opportunities attackers have.
  • While the penetration testing simply reports whether the targeted area is or is not safe, the RED TEAM keeps attacking and testing one area after another in order to violate your security no matter what the cost, just like the real attacker does.

RED TEAM

Our RED TEAM will challenge your security, detect its weak areas and examine your ability to detect attacks and data theft attempts.

The RED TEAM is the team of skilled ethical hackers that examines resilience of your networks, applications and other technical and human sources against outside attacks. The team uses combinations of various techniques including both technical tools and social engineering methods. These methods together are so called RED TEAMing and they meet the full extend attacks simulating the real hackers´ behavior. Our specialists target to all system weaknesses. They are trying to penetrate the system by using various methods until they succeed.

Afterwards you receive the detailed report with the description of the security status in your company and also pointing out to the current vulnerability of your technologies, devices, employees. There are also included recommendations for corrective actions in the report.

Who needs the RED TEAM?

Every organization that uses computers and communicates with ambient virtual world. The READ TEAMing is not meant only for big corporations. Contact us and we will prepare the tailor-made project based on your company size and budget.

See for yourself if you need the RED TEAM.

  • Do you work with sensitive or medical data subject to GDPR regulations?
  • Do you accept or proceed credit cards according to the international standard PCI DSS?
  • Are you involved in the state critical infrastructure according to the Cyber security Law?
  • Are you a financial institution/a bank?
  • Are you afraid of company know-how misuse or reputation loss thread?

RED TEAM in action – video trailer 😉

Cyber security tests

Our specialists go deep into the targeted technology and detect all its vulnerabilities so you can secure it properly and in time.

The manual penetration tests are the key tools to detect vulnerability areas of your network which can be misused by attackers. The deep analysis and the testing find loopholes that can provide hackers opportunities to gain unauthorized access to your sensitive data or even to take over your system and thus harm you. Side but still important effect is the detection of incorrect software configuration, firewall gate or non-compliant protocols.

The final protocols from the manual penetration tests are not generated by safety scanners but are written by our consultants. That´s why the results of our work can be the basis for your security specialists in order to change setting or procedures to keep your data and technologies safe.

Who needs the cyber security tests?

Almost every modern company, which uses computers, any type of critical system or devices. It does not matter what is size of the company, what matters is its commitment to secure itself because the timely problem prevention is the safety rule number one.

See for yourself if you need the penetration testing.

  • Do you run information security in your organization in line with ISO 27 000?
  • Do you work with sensitive or medical data subject to GDPR regulations?
  • Do you accept or proceed credit cards according to the international standard PCI DSS?
  • Are you involved in the state critical infrastructure according to the Cyber security Law?
  • Are you a financial institution/a bank?
  • Are you afraid of company know-how misuse or are you afraid of reputation loss thread?
  • Do you need to measure quality of security in your organization?

Cooperation with us pays off as we…

Offer technical support 24/7
in English and Czech

We work for many Czech and international companies

Our technical experts have long-term experience in this area

Are you interested what all includes cyber security services? Make a free consultation and find out what can we do for you.

ARE YOU INTERESTED IN NON-BINDING CONSULTATION?

Reference

Where now?

team

Networking accessories

Union-6

Network
management

panel

Switches

worldwide

Software defined
networking