We have developed a line of services centred on incident prevention, detection and response.

Services

  • Provide visibility, control and continuous monitoring.
  • Administration, operation and management of security infrastructure.
  • Resolution of any type of security incident. Protection, detection and risk mitigation.

 

Monitoring and Correlation of Events

 

  • Supervision and management of the client's IT security infrastructure.
  • Focused on efficiency and service quality.
     



 




Vulnerabilities Management

 

 

  • Based on the cyclical practice of Identifying, Classifying, Remedying and Mitigating risks.
  • The services are focused on risk, as a set of quantifiable procedures that are responsible for continuously detecting and mitigating the risks generated by the security vulnerabilities.

 


 

 

Operation and Administration of the Security Infrastructure

Through the SOC, we:

  • Operate.
  • Assess.
  • Maintain and provide support to any security infrastructure.

 


 

Response to Incidents and Forensic Handling of Incidents

 

As a response to an incident, we follow these steps:

  • Preparation.
  • Identification.
  • Containment.
  • Eradication.
  • Recovery.
  • Forensics.
  • Lessons Learned.

 


 

Outsourcing Services

 

Professionals available for any temporary Security, Cyber Security and GRC need, from junior level to C-level (including virtual CISO / CIO / Head of Cyber Security).

  • Monitoring of the Customer's Security Centre.
  • Security Operation and Administration.
  • Incident response.
  • Training.
  • Monitoring of open and hidden sources and anonymous networks in the Deep Web. Analysis of data and information. Risk evaluation. Response proposals.
  • Identification of events related to information leaks, cyber attacks, cybercrimes and digital fraud.
  • Early detection of threats for illicit use of cyberspace.

 


 

Brand Protection

 

  • Management of risk-related protection for the company and its brand.
  • Early detection and response to any type of threat (including neutralised and deleted content).
  • Examples: False profiles, negative mentions, ex-employee mentions.

 


 

Social risks

 

  • Management of risks and threats related to social movements that could affect the organisation, cyber activism and hacktivism.
  • Examples: Protests, mass events, flash mobs, strikes, boycotts, etc.

 


 

Business risks

 

  • Based on characteristic factors of the company and its business area.
  • Identification and analysis of potential risks.
  • Continuous tracking of indicators.

 


 

Threat Detection

 

  • Detection of potential threats to the organisation, of any nature.
  • Discovering sensitive information about customers to block threats.

 


 

We follow the process below for all these services:

 

 

  • Knowledge about the environment / Organisation / Group.
  • Nature of the pertinent threats.
  • Catalogue of threats.
  • Parametrisation of a service.
  • Work procedures.

 


 

Information Leak, Detection and Remediation

 

Constant monitoring of Digital Sources:

  • Open (public).
  • Hidden (hidden websites, hidden networks, TOR, etc.).
  • Search for relevant data, information from digital press, forums, blogs that could represent a threat.
  • With specific surveillance technology: Information about Risks Map, List of Key Words, Semantic Analysis.
  • Real-time.

 


 

Monitoring of Digital Infrastructure Threats

 

  • Vulnerabilities Tracking and Advice:
    • Real-time mediation.
    • Risk level mediation.
  • Cyberthreats newsletter: Security warnings, cybernetic threat newsletters and publications.
  • Impact analysis + associated Action Plan.

 


 

Cyber Intelligence sources supply

 

  • Gathering and correlating intelligence information from more than 100 intelligence sources.

 

   

 


 

Digital Fraud

 

  • Cybersquatting: Domain registration Monitoring.
  • IPs/Domain reputation.
  • Fraud malware prevention:
  • Detection and analysis of malware to identify malicious binaries.
  • SOCs with access to global malware intelligence networks.
  • Prosegur CERT.

 

TECHNICAL AUDIT: 

  • Support for organizations in risk identification and remediation.
  • Increase in the level of maturity and frameworks of Information Security control.
  • Digital forensic analysis to clarify an event that occurred on IT equipment, and preparation of an expert report.
  • Response to incidents (DFIR). Advanced management of security incidents in both on-premises and Cloud systems.

 


 

Ethical Hacking

 

  • Holistic approach.
  • Methodologies such as OSSTMM, OWASP and frameworks developed internally.
  • Analysis of:
    • White Box software and Pentesting.
    • Black Box, Grey Box and Footprinting.
    • Red Team.

 

 


 

Social Engineering

 

We divide the services into three phases:

  • Reconnaissance: Use of search engines, email collection, DNS records, social media, metadata, public records.
  • Intrusion: Phishing attacks to get credentials and access to network levels.
  • Analysis and Reports: Analysis of the information gathered.

 


 

Security in applications: Static and Dynamic Analysis

 

  • Static Analysis: Discovering software vulnerabilities by auditing the source code without having to run the application.
  • Dynamic Analysis: Analysis of applications, extracting information about their dynamics and design through controlled execution, without access to the source code.

 

 


 

Security in Applications: Secure Software Development Life Cycle (SSDLC)

 

  • Security from the start of development, using static and dynamic code analysis and best-practice tools.
  • Compliance with requirements such as OWASP Top 10, OWASP Top 10 Mobile, NIST, PCI DSS and others.

 


 

DIGITAL FORENSICS:

 

Judicial computer expertise

 

  • The objective is to clarify an event that occurred in a computer or IT system, producing a Forensics Report that can be presented in or out of court.

 

 

 

 

 


 

DFIR service: digital forensics and incident response

 

  • Main tasks are broken down into three phases: Collection of information, in-situ and operating procedures generation, both in on-premises and IaaS Cloud environments.
  • Multi-disciplinary team made up of different profiles: Ethical hackers, System-Network Administrators and Forensic Analysts, with the most relevant certifications in their field.
  • As an IT Emergency Response Team (CERT - CSIRT), we are able to contain threats, analyse malware and perform DDoS data analysis and forensic analysis.
  • Time banks (prepaid hours) in 8x5 or 24x7 mode, with SLAs, selected according to the customer's needs.

 

Example cases: Denial of Service, Malware Analysis, Information Leaks, Ransomware, Compromised Systems, Remediation of Cloud Attacks, Intellectual Property Vulnerabilities, Regulatory Violations, Internal/External Intruder Test and Data Recovery.

 

  • Support in regulatory and legal compliance for Information Security.
  • Gap analysis and action plans for the level of risk.
  • Cybersecurity technical office for risk management and resilience.

 


 

Regulatory and legal compliance

 

  • Personal data protection: LOPD, GDPR
  • Security certifications: ISO 27001, ISO 22301, PCI-DSS...
  • Legal compliance with cyber security: PIC, ENS, NIS...

 


 

Security Management

 

  • Security governance model (GRC).
  • Management, analysis and control of Cybersecurity risks.
  • Security office: global strategy, indicators, metrics, controls, resilience level, etc.

 


 

Information security services

 

 

  • Security Audits.
  • Guidance plans, business continuity plans, creation of procedures and policies.
  • Training and awareness.
  • Design and implementation of Cybersecurity solutions for protection and response to incidents.
  • Configuration and programming of Cybersecurity tools to reduce IT and OT risks.

 


 

Solutions design

 

  • Analysis of the security of the technical architecture and the status of the customer's current solutions.
  • Gap analysis between the current situation and the desired level of risk.
  • Design of technological architectures focused on protection and cybersecurity resilience.

 


 

Infrastructures implementation

 

  • Agreements with the main international Security software vendors.
  • Continuous research of new technologies.
  • Protection of the perimeter, workstations, the cloud and OT installations.

 


 

Configuration and customisation

 

  • Configurations based on the customer's risks.
  • Collaboration with the Hacking Departments to create customized patterns.
  • Application of best-of-breed Project Management Methodologies.

 

Solutions Integration

 


Strategic Agreements


Company Certificates