Auditing is our specialty. The performance of audits makes it possible to analyse the robustness of a system in the face of attacks in real conditions. Our main offers are :
- Penetration Testing
- Architecture audit
- Source code audit
- Configuration audit
- Organizational and physical audit
We have the French national certification PASSI on the 4 first fields.
Our auditors carry out controlled computer attacks on the audited information system. They simulate the behaviour of a hacker, intruder, or malicious collaborator at different skill levels. The vulnerabilities discovered on the audited information system are then qualified and a corrective action plan is developed.
We analyze the configuration of both hardware and software devices deployed and associated with the audited information system. These devices may include network equipment, server or client operating systems, applications or security products. Our objective is to understand the technical implementation of existing security practices in order to verify whether they comply with the state of the art, regulatory and legal requirements related to the systems environment and use.
Based on documentary analyses, interviews, and surveys, our auditors examine part or all of the architecture of an information system. They check whether the choice, positioning and implementation of the hardware and software devices deployed comply with the state of the art as well as the audited entity's internal requirements and rules.
We verify that the policies and procedures defined ensure that the audited information system is maintained in operational and security conditions and comply with our client's needs, the state of the art and current security standards. We also verify that these policies and procedures properly complement the technical measures put in place and are effectively implemented.