Cybersecurity services
• Audits and standards
• Security solutions
• Preparation of SOC
• CERT implementation
Audits and standards
We ensure the implementation of physical, technical and environmental safety audits as well as the implementation of norms and standards in the field of:
• ISO audits, including ISO 27001 (information security), ISO 22301 (business continuity), ISO 20000 (IT service management);
• Cybersecurity incident management maturity audits (based on the SIM3 model);
• Technical and organizational audits for financial entities (ECB, KNF and others);
• Recommendations and regulations of the European Union and their national equivalents, including: the National Cybersecurity System, the Regulation on the Protection of Personal Data, the National Interoperability Framework;
• Anti-corruption and fraud prevention systems, information classification systems, information and data retention;
• Other systems and models to be used in accordance with local regulations, recognized standards and standards, and the needs of the Organization;
Implementation of CERT and SOC
We provide a holistic approach to the issue of building ICT security incident management competencies by providing tools, processes, building organizational maturity, and finally transfer of knowledge for dedicated CERT / SOC teams.
The implementation of the units responsible for handling ICT incidents involves the delivery of:
• Strategic and operational plans;
• Desired maturity (implemented according to specific methodologies, eg SIM3);
• Processes, procedures and instructions, implementation of performance indicators;
• Hardware tools and solutions;
The main operational tasks of the CERT / SOC units include:
• Managing vulnerabilities and monitoring threats;
• Monitoring and correlation of events;
• Registration and incident management;
• Optimization and development of tools;
• Analysis and improvement of the quality of services;
Cybersecurity tools
We create and deliver our own cybersecurity solutions:
• Audit management application, supports the organization's internal and certifiable auditing process with role management functions, audit scheduling, database of historical information;
• Penetration testing portal, operating with the use of many world-class engines integrated into a dedicated product to ensure comprehensive testing;
• Vulnerability management platform, connects global databases on vulnerabilities with the monitoring and reporting mechanism, giving the ability to manage vulnerabilities in a proactive way;
• Threat monitoring system, a tool to search and manage information about internal and external threats;
Cybersecurity management services
Based on the above solutions and to ensure the highest standards, we provide our clients with cybersecurity services, in particular SOC / CERT services:
• Configuration and storage of logs;
• Monitoring and correlation of security logs;
• Managing vulnerabilities, alerts and incidents;
• Providing information about threats;br>
• Additional services include the development of the Organization's soft skills: training, consultations, awareness-raising, and support for the coordination of development activities, as well as technical competences, including the management of the Organization's hardware solutions.
Implementation of solutions for cybersecurity
We support the implementation of carefully selected IT tools related to security management and continuous monitoring of the organisation's critical resources.
As part of technological solutions, we offer a number of systems and solutions, including systems for the purposes of:
• Monitoring of logs and alerts (SIEM);
• Incident management (SOAR, TT);
• Intrusion Prevention and Detection (IPS, IDS);
• Endpoint management and data loss prevention (DLP, EDR);
• Monitor network, database and user activity;
• Secure storage and transmission of information (including HSM / KMS);
• Wireless network monitoring (scanners and jammers) and much more.