Cyber Red
As an organization, you want to make sure that the security measures taken work. To validate this, we regularly carry out penetration tests. We do this on the basis of Black box, Grey box and Crystal box tests. The difference is the amount of information that is provided in advance by the organization. In a Black box test, no information is shared; in a Crystal box test, for example, design documentation and source code can be shared so that more in-depth validation can be done in a shorter period of time.
Cyber Red Services
Web Penetration Testing
In order to periodically validate whether web pages that can be accessed via the internet are sufficiently protected against external attacks, we carry out Web penetration tests. Pages can be part of a website or specific web application. In doing so, we use the OWASP Web Security Testing Guide.
Certification: OSCP; OSWE
App penetration testing
In order to periodically validate whether mobile applications are sufficiently protected against external attacks, we carry out App penetration tests. In doing so, we use the OWASP Mobile Security Testing Guide.
Certification: OSCP; OSEP
AD and AAD penetration tests
To periodically validate whether the Active Directory and/or Azure Active Directory environment is sufficiently protected against specific attacks to acquire the highest possible rights in the shortest possible time, we perform (A) AD penetration tests.
Certification: OSCP; OSEP
API penetration testing
In order to periodically validate whether the internal and external Application Programming Interfaces used by software programs to exchange data are sufficiently secured, we perform API penetration tests. We use the findings made by the OWASP API Security Project.
Certification: OSCP; OSEP
OT Penetration Testing
To periodically validate whether OT devices with often specific software are protected against attacks, we carry out OT penetration tests. In addition to generic penetration tests, we also use the OWASP Firmware Security Testing Methodology.
Certification: OSCP; OSEP
Physical Penetration Testing
In order to periodically validate whether the physical security measures that secure access to private buildings and (technical) spaces are sufficient, we carry out Mystery Guest visitations. A possible part of an attack vector is gaining physical access to the organization.
Consultancy
Our basis consists of providing good and independent advice. What is important here is that we are autonomous, curious and eager to learn about the customer's business processes and are transparent in our communication with the customer.
Improve your security position with our services
The basis of our services starts with Interest and Deepening in your organization. This is the only way your organization can be properly protected.
Cyber Blue
Monitor critical assets against external and internal attacks 24/7 with knowledge of business processes and attack strategies.
Read more
IAM
Manage the digital identities and access levels of employees, partners, and suppliers, minimize risks and promote productivity.
Read more
User Awareness
Raise employee awareness through regular information campaigns, resulting in permanent behavioral change.
Read more
GRC
Manage your security position based on risks, standards and measures. Advise on regulations and internal and external audits.
Read more
Network Security
Monitor network traffic for anomalous patterns, detect and neutralize attacks, and regulate network access to reduce the risk of unauthorized access.
Read more
How securely is your organization?
It is free assessment from one of our security experts to find out.
.webp)
%201%201.svg){kind=small}
