Security audits

Auditing is our specialty. The performance of audits makes it possible to analyse the robustness of a system in the face of attacks in real conditions. Our main offers are :

We have the French national certification PASSI on the 4 first fields.

Visa de Sécurité ANSSI

Penetration testing

Our auditors carry out controlled computer attacks on the audited information system. They simulate the behaviour of a hacker, intruder, or malicious collaborator at different skill levels. The vulnerabilities discovered on the audited information system are then qualified and a corrective action plan is developed.

Configuration audit

We analyze the configuration of both hardware and software devices deployed and associated with the audited information system. These devices may include network equipment, server or client operating systems, applications or security products. Our objective is to understand the technical implementation of existing security practices in order to verify whether they comply with the state of the art, regulatory and legal requirements related to the systems environment and use.

Architecture audit

Based on documentary analyses, interviews, and surveys, our auditors examine part or all of the architecture of an information system. They check whether the choice, positioning and implementation of the hardware and software devices deployed comply with the state of the art as well as the audited entity's internal requirements and rules.

Organisational audit

We verify that the policies and procedures defined ensure that the audited information system is maintained in operational and security conditions and comply with our client's needs, the state of the art and current security standards. We also verify that these policies and procedures properly complement the technical measures put in place and are effectively implemented.

Source code audit

Our auditors analyze part or all of the audited source code (or its compilation or execution conditions) in order to discover vulnerabilities related to poor programming practices or logical errors.