Information Technology Consulting Firm Luxembourg

Our Services

ISO 27001:2005

ISO 20000: 2005 - ITIL

Risk Analysis - EBIOS

Project Assistance
& Support

Assessments & Audits

Payment Card Industry -
Data Security Standards

Strategic Studies & Assessments

Assessments & Audits

Why do companies need assessments and tests?

Which type of audit do we deliver?
Verification audits
Validation audits
Vulnerability assessments
External penetration tests

Related Useful Links
Useful links

Why do companies need assessments and tests?

To get an external standpoint of their architecture with complete fairness and independence.
To obtain workable prioritized recommendations to improve current situation.

Our consultants are able to carry out any type of technical audit like:

Global Security
Network & Remote Access Services
Database
Storage Area Network
Business Continuity Planning & Disaster Recovery Plan
Information Security Management Systems
E-Banking
Card Payment Industry Application
Wireless Network
Intranet Architecture
Internet Architecture
Physical Security

Which type of audit do we deliver?

Depending on your requirements our consultant are able to deliver various audit types:

Verification audits

This type of audit assesses the condition of a system or network, taking care of various elements as: organization, architecture, protocols used, configuration, and operating and staff skills. Our consultants use a dedicated approach based on our experience and the methodology we have developed over the years.

This assessment is not a question of vulnerability assessments but includes configuration reviews and flow analyzes.

Validation audits

The validation process compares current implementation with an existing referential or with pre-defined best practices. For example, it verifies that current solution fits with CSSF requirements.

Vulnerability assessments

This type of assessment consists in an active search for weaknesses in the system using various referential and our own vulnerability database. This mission is guided by an intrusion methodology and may include Denial of Service attacks.

External penetration tests

Unlike vulnerability assessments, these tests are entirely conducted from outside the target. Our consultants are working in blind mode. The goal is to simulate any hacker attack against the target.

Useful Related Links

SANS Institute
www.sans.org

The CERT® Program is part of the Software Engineering Institute (SEI), a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania, United States of America.
www.cert.org