This is a term derived from a Red Team, referring to a team of experienced ethical hackers performing simulated attacks while using the same sophisticated means as real attackers. The so-called Blue Team is the force opposing the Red Team in the target company. Blue Team is a team of experts specialized in security, detection and the resolution of cyber incidents. The team aims to do everything in their power in order for the attack not to succeed. And in case it has already succeeded, then to detect it and detain it as quickly as possible, while preventing its recurrence.

The essence of crisis management is to overcome emergency situations such as economic turbulence, bad managerial decisions or pandemics. The aim of anti-crisis measures is the early detection of an approaching crisis and to initiate the framework rescue processes.

Endpoint Detection and Response (EDR) produkty slouží k ochraně koncových stanic před škodlivým kódem a průnikem útočníka. Od běžných antivirových produktů se liší logováním důležitých aktivit na koncové stanici a širokými možnostmi při řešení incidentu.

Do you have your access and identity management fully under control and in one place? Are you spending too much time with their management and administration? Are you tired of manual administration? Does not a full automation, management and administration in one place, with an IdM solution doing all the tedious and lengthy work for you, sound much better? Or maybe you need to comply with findings from an audit or to increase the protection of your data? If your answer is yes to at least one of the questions, Identity Management is the right solution for you!

Securing the confidentiality, integrity and availability of data in modern enterprises comprises several tasks, ranging from systems management, change and configuration management, and also a cybernetic security strategy. An effective strategy must also cover detection and reaction to security incidents – no company that processes sensitive data can survive without such measures. The detection and reactionary abilities of a company are directly related to the knowledge, experience and quality of security tools and it is precisely these ingredients that our Cyber Defense Center has – and we are ready to provide them also to you.

Using short and simple videos, the employees will learn everything about information security, methods of information protection and prevention of information leakage.

SOC provides centralisation of security incident management, minimises incident response time and impact on protected assets.

GRC systems are systems assisting organizations with streamlining all information regarding security management activities, which is positively reflected in their ability to respond promptly to both existing as well as new risks. Our expert team, with help of GRC, is ready to take your company information security management to the next level.

Starting on May 25, 2018 the Regulation of the European Parliament and of the Council (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, the so-called “GDPR” will be in effect. This groundbreaking legal act unifies data protection across the EU and affects all entities that process personal data.

The web portals, new functions, lots of various applications are always changing and the number of vulnerabilities of web technologies are increasing constantly. The WAFs are the most up to date technologies that protect your systems even without a complicated development cycle.

Are you uncertain if the assets of your information infrastructure may contain a vulnerability resulting from a incompatible configuration or the absence of security updates? If so, we would like to recommend an implementation of a VMS tool (Vulnerability Management System) thanks to which you will gain a crucial overview of the risks related to the individual components of your network.

Our experts have lots of experience with verifying and evaluating the level of awareness of information security of employees by means of email campaigns with a fake testing code, media distributions (USB, CD/DVD, etc.) with this code, or via manipulative phone calls to approved respondents.

The risk analysis serves to appraise the actual state of security and identify risks that the system faces. It represents an important resource of information for decision-making about security investments.

Our specialists can draw up a number of workshops about information security, tailored to your individual needs, that are suitable for regular users, IS administrators, as well as top management.

We offer SIEM tools from reputable producers for monitoring and analysis of the logging records generated by a number of systems found in the organization's infrastructure. Together, we go over the project phases of the logging infrastructure analysis, selection of a suitable SIEM tool, implementation, documentation and subsequent support and development.

Protect your company against malware using zero-day or unknown vulnerabilities. We will implement a modern solution that will guard you against this threat.

Are you looking for a way to identify changes in the network effectively, or detect new types of malware or completely unknown attacks? With the help of Network Behavior Analysis (NBA) products our team is ready to assist you with this process.

Penetration tests examine the level of the organization's information security and the ICT resistance to existing cyber threats by simulating a hacker's attack on the computer network, web, or mobile application.

Don't you have the sufficient capacity for solving security issues on your own? We offer you the services of our experts, who are fully devoted to security. Our experts can effectively fulfill tasks according to your individual needs.

We have longterm practical experience in the field of ISMS as well as in related fields. If you want or need certified ISMS, we are here for you. We can help you to propose a system of information security management quickly and effectively, and engage it throughout the entire organization.

In the field of mobile technologies our specialists can offer you penetration tests of mobile applications, consultancy during its development, and subsequent analysis of the source code. At the same time, we can help you with the deployment or modification of the administration of the company's mobile devices, that means MDM technology and company policies (BYOD/CYOD).

System and platform hardening is an elementary security measure that is able to protect information systems and applications from abuse. We can provide hardening policies and propose how to implement them into practice. At the same time, we provide check-ups effectively (and automatically) to make sure they are being observed.

We can help you to identify the most crucial company processes and related vital personnel. We can point out the critical components of the ICT infrastructure, as well as the important reports and documentation, without which your business couldn't keep running in case of emergency. Then we can help you create recovery plans in case something goes wrong. And if anything goes wrong we will assist you with managing the critical situation. We have plenty of experience in this area, and you can find our results in the references.

This is a tool which will solve the right classification of your documents for you. It is easy to implement and it increases the effectiveness of DPL systems.

The most valuable property for a company is data. Imagine how your company's reputation would change if your financial reports, proposals, and clients' records got into the hands of your competition, or they were leaked to the public. The system of DPL protects sensitive information against targeted attacks, as well as from the company's own employee abuse.

Access management based on an IP address is out of date today. You should control the accesses at a higher level in terms of users and groups. Our team doesn't only offer implementation, but mainly a sophisticated administration of firewalls.

The AFS is a complex solution ensuring the protection of web internet banking applications and their users against cybercrime, fraud detection in the online environment, and the logging of users' activities.

We execute information security audits from the procedural and the technical points of view. Our team has wide competencies for managing almost all the requirements for verifying compliance regarding either the Cyber Act, ISMS, personal data protection, or other specialized IT standards. We can also provide the customers' audit at your suppliers. Don't hesitate to contact us, and we will put together an individual IS audit for you for a reasonable price.

If security is not an integral part of the software development life cycle (SDLC - Software Development LifeCycle), then the security vulnerabilities and holes occur on a regular basis. An after-effect security solution at the end of the development usually causes subsequent expanses. Due to the Secure SDLC, we apply security principles and standards throughout the course of the entire life cycle of the software's development, and we help to identify and eliminate the potentially vulnerable spots of the applications in time.

We are ready to assist you in drawing up appropriate safety documentation, which will become the keystone of information security at your organization.