Approach


Source code reviews: Applications for smartphones, web systems and desktop clients are some of the main systems used by companies to provide services to employees and customers. It is vital to review their security before releasing them to production in order to avoid public data exposure and impacts on confidentiality, integrity and availability. We are experts in reviewing applications in languages such as Objective-C (iOS), Java (Android), C# and Visual Basic .NET, J2EE, MVC, C++, C, etc.

Services & external and internal applications: Applications and services, both internal and external, are among the main assets of an organization, so their security is vital. We review all of them and advise you on how to solve your main problems (code injections, buffer overflows, impersonation, etc.).

Network elements & Perimeter protection (firewalls): Perimeter protection systems are the first defense barrier from outside the network, and protect its demilitarized networks from attackers and intruders. Reviewing them regularly is fundamental, and they must be patched and configured appropriately to guarantee their effectiveness and efficiency. We check that they are in a correct state and help you configure them to block attacks.

Networks & Internal systems: We review the security of your network and internal systems in order to evaluate possible security breaches that may be exploited by an insider, such as disgruntled employees, users accessing your network through a poorly protected wireless network or exposed workstations.

Active Directory & LDAP: LDAP stands for Lightweight Directory Access Protocol, an application-level protocol that allows access to an organized and distributed directory service to search for diverse information in a network environment. Maintaining a directory tree that is orderly, well configured, and with adequate security measures is vital to guarantee a homogeneously protected network.

User workstations: Laptops, landlines and tablets are the main elements used by employees to perform their tasks and are therefore one of the main sources of security problems in an organization. Generic administrator users, outdated operating systems, insecure software and poor hardening policies at the BIOS/UEFI and Windows level are common problems found regularly in companies around the world. It is therefore advisable to check their security constantly, and to configure and maintain corporate models of secure operating systems.

Mobile devices & MDM solutions: In recent years, smartphones and tablets have become company devices, indispensable in many cases. These devices are small computers that likewise contain confidential information and have access to critical services of the company. Their security should therefore be equal to that of work computers, and on numerous occasions even higher, because their small size makes them easier to lose. Security reviews of corporate mobile devices and management solutions (MDM) should be routine, and should be formalized as a procedure within the cybersecurity review campaigns covering the rest of the corporate devices.

POS terminals & Payment gateways: POS terminals (physical and virtual) and payment gateways are services used regularly by companies to facilitate the purchase of products and services for their customers. Their security is vital, because malicious use can cause catastrophic economic losses, together with various sanctions for non-compliance with regulations such as PCI-DSS or directives such as PSD2. Reviewing their security is one of our specialties, and we have extensive experience reviewing a large number of physical and virtual POS models (web, Android and iOS) and identifying 0-days in the main suppliers of the market.

IIoT: Industries have evolved, have been automated and have powerful machinery designed to develop their products and services in the most efficient way. All these instruments are generally controlled by industrial control systems, which control and monitor the activities, and by various probes, PLCs, actuators, etc., which are in charge of the operation. With a large number of suppliers such as Siemens, General Electric, Schneider, ... and an infinity of protocols, such as Modbus, among others, the cybersecurity review of these systems becomes a complex task within the reach of only a small group of experts. This problem is compounded by the fact that these systems can rarely be reviewed outside of a production environment, which requires auditors to take special care and have specific knowledge to perform their work. Our experts have extensive experience in sectors as diverse as the pharmaceutical industry, the food industry and the textile industry.

Red team: Through red teaming we seek to emulate real threat scenarios that an organization could face, analyzing security from the point of view of an adversary. Our red teaming approach has the dual objective of training people and of checking the effectiveness of the processes and technologies used to defend corporate environments. During the exercise, we execute a series of scenarios that test the ability of the organization to detect, respond to and recover from an attack. The red team, using Tactics, Techniques and Procedures (TTPs), helps to gain a deeper understanding of how the organization would behave when facing a real threat scenario, making it possible to identify existing weaknesses more accurately, and therefore helping to prioritize and focus on those areas where you really need to improve.

Exploits & 0-days: A 0-day vulnerability is a security flaw that is generally unknown to the manufacturer, and therefore to the organizations that use its products, so it is an unresolved problem that can cause a significant security breach. Our development and cybersecurity team has experience in the development of exploits and the exploitation of 0-days, which can be used to help in the discovery of vulnerabilities and in support of patching tasks.

Methodology


At ZeroLynx we are aware of the need to apply methodologies in cybersecurity audit processes that allow us to evaluate problems through standardized controls, so that tests can be performed with guarantees and are repeatable over time. For this, we rely on the best market methodologies, especially OWASP, OWASP Mobile, OSSTMM, OWISAM and OpenSAMM, among others. In addition, we rely on frameworks such as CVSS to establish metrics for communicating the characteristics, impact and severity of the identified vulnerabilities.

Deliverables


At the end of the work you will receive an executive report and a technical report, with all the identified security gaps, details of how they were located and exploited, evidence, and an action plan to facilitate their correction. In addition, you can count on the advice of our experts to solve all vulnerabilities as soon as possible.
