We help your organization avoid data theft, fraud, loss of productivity or reputation

Caberseg offers a series of cybersecurity services that allow, together with the client’s needs, to achieve a high level of security. All the work carried out by our experts is aligned with the main standards and methodologies, highlighting in this last field those developed by the OWASP organization.

 

It is intended to review security in all layers of the technological infrastructure of an Organization, providing improvement solutions adapted to the characteristics of the organization, in these fields include:

Safety evaluation

Review security in all layers of the technological infrastructure of an Organization, providing improvement solutions adapted to the characteristics of the organization. We highlight the services of internal and external Ethical Hacking, Intrusion Test, Security Review in the Application layer, Code Review, Vulnerability Analysis (Wireless Inc, VoIP, Critical Infrastructures) and IT Compliance Technical Review.

Expert Reports

Perform expert reports through the evidence obtained, maintaining the chain of custody at all times, as a support for the resolution of conflicts and their subsequent ratification before the competent Court or Court of Arbitration.

Design of Solutions

Provide effective solutions tailored to the real needs of each client. The services of Secure Network Design, SIM / SEM Tools, Bastion of Systems, Network Access Control, Honeypot Implementation, Implementation of Security in the Development Life Cycle and Adjustment of Network and Security Components stand out.

Execution of Security Processes

To provide companies with highly qualified personnel to carry out tasks related to security and to offer remote execution services for security processes. Services are offered such as Early Warning, Digital Surveillance, Malware Management, Threat and Vulnerability Management and Incident Management and Response.

Identity Management and Role Management

Analyze, define and optimize the processes of authentication, authorization and administration of authorizations, as well as the selection and integration of user provisioning solutions.

SERVICES OFFERED

The external intrusion audit checks the perimeter security mechanisms, using a black box model, in order to diagnose systems and infrastructures that minimize exposure against attacks and intrusions from abroad, guaranteeing confidentiality, integrity and availability.

Some of the assets analyzed in this type of audit are:

  • Web portal and published services.
  • IP addresses.
  • Open ports.
  • Emails.

The internal intrusion audit evaluates the security of the internal systems by carrying out checks, usually from the entity’s facilities, with the aim of improving the detection and reaction capacity against a possible internal attack.

Some of the assets analyzed in this type of audit are:

  • Infrastructure.
  • Internal devices.
  • Internal software.
  • Roles and access permissions.

A WiFi access point is one of the most common methods of connecting to a network, however, it is usually one of the most neglected aspects regarding the security of systems.

The WiFi intrusion audit checks the wireless security mechanisms, through a set of face-to-face tests, which allow improving the detection and reaction capacity in the event of a possible wireless attack.

Some of the assets analyzed and tasks performed in this type of audit are:

  • Connected devices.
  • Security methods.
  • Coverage and area of ​​action.

Mobile applications are increasingly present in the business world, where developments are made that directly intervene with the business lines.

The security related to the audit of mobile applications is essential to guarantee the information managed by this type of applications, both internal and commercial, preserving the confidentiality, integrity and availability of the information.

Some of the tasks performed in this type of audit are:

  • Source code analysis.
  • Storage mechanisms.
  • External content loading and execution.

Advanced persistence attacks assess the evasiveness and mitigation capacity of targeted attacks, which make it possible to circumvent security, making use of social engineering mechanisms with the aim of accessing information systems.

These types of controlled attacks allow detecting the weak aspects of an organization, defining the necessary improvements to avoid these same types of attacks, but carried out by a cybercriminal.

Some of the tasks performed in this audit are:

  • Analysis of the internal mechanisms of the organization.
  • Social engineering.

Forensic analysis consists of a set of techniques designed to extract valuable information from the devices, without altering the state of the devices, trying to find specific patterns or behaviors that allow the discovery of information that was hidden.

Some tasks performed in this type of audit are:

  • Archive history research.
  • Trace detection on devices.
  • Authenticate tests.
  • Reconstruct data.