What I do
The progress of industrial technologies and the increased interconnection between IT and OT (Operational Technology) create new security challenges. The exponential spread of malware such as WannaCry, Industroyer and Petya/NotPetya have given rise to large-scale attacks on industrial sites. We have over 20 years of experience in the industrial automation sector, working with the most popular PLC, fieldbus and SCADA systems. We know the security problems and risks of operating in an industrial environment, in light of the new threats of attacks on the production sites.
A penetration test emulates real-world threats that can be encountered using different attack methods. The goal of a penetration test is to identify weaknesses and evaluate the impact they could have on the entire IT/OT structure exposed on the network. Social engineering techniques such as phishing are also employed to create security holes in the entire system. The purpose is to evaluate the effectiveness and correct application of the company safety policies.
The vulnerability analysis is aimed at a technical assessment of the security level of the various components of a system. The goal is to identify vulnerabilities, misconfigurations and exposures in the event of an attack. It is generally carried out by analyzing the existing configurations and the update status of each individual device, compared with the known vulnerability databases and with the commonly used attack techniques. Unlike a penetration test, the goal is not to simulate possible real attack scenarios, but to map the state of the target in terms of the security of the configurations and the software used.
Application security is often overlooked, but should instead be part of a software development cycle. In this way, we can carry out an analysis of the source code in search of potential security issues. For existing applications, in "blackbox" mode, we perform rigorous tests on your software, whether it's a new website, a desktop / IoT application or an Android / iOS app, thanks to reverse techniques engineering and fuzzing.
Human error is the number #1 cause of the success of a cyber attack. We do in-person and remote training to let people know what the attacks are and the mentality of those who carry them out. The aim is to understand how a hacker thinks, acts and exploits a network. We use virtual laboratories in which to simulate different types of attacks, such as phishing.
Given the complexity of the problems involved, a specialized assessment not related to particular products and technologies favors better analysis and optimal planning. An external opinion, disconnected from business dynamics and not bound to particular products or technologies, can help to analyze the situation more completely. Starting from the needs to arrive at the type of product or technology to be implemented, we can correctly evaluate the resources and the impact on the implementation, following the design, construction and operation phases.