Services

Pentest / Audit


Penetration Testing

The goal of a penetration test is to demonstrate how an attacker is able to exploit the weaknesses of your assets. Our experts are able to assess various targets such as:

  • Internal networks: Active Directory environments, DMZ, partner networks, etc.
  • External infrastructures: Web platforms, VPN endpoints, etc.
  • Web applications
  • API endpoints
  • Wireless infrastructures
  • Mobile applications: Android and iOS
  • Industrial control systems (ICS)


Additionnaly, RandoriSec is able to provide assistance with:

  • Red Team simulations
  • Phishing campaigns
  • Vulnerability assessments


Security Audit

A security audit aims to go deeper on the security analysis of your assets. The audit is performed with all information available.
Our experts can offer assistance on the following audits:

  • Infrastructure review
  • Configuration review
  • Code review


Consulting


Our experts can provide assistance on:

  • Risk Analysis
  • Definition of secure systems (policies, specifications, hardening guidelines, references manuals)
  • Definition of cybersecurity preventative strategy
  • Cybersecurity governance and team management (“CISO” missions)
  • Compliance audit (ISO 27001 / 27002)
  • Maturity assessment (based on CIS Controls)
  • SWIFT “Customer Security program” assistance
  • Cloud security
  • Organization of cybersecurity table top exercises
  • Incident and crisis handling
  • Cyber-threat Intelligence


Training


RandoriSec provides onsite trainings on the following subjects:

  • Penetration Testing: How to perform penetration testing (basic and advanced level)
  • Mobile Hacking: How to assess Android and iOS applications (basic and advanced level)
  • Cybersecurity Awareness


Some trainings were performed in security events:


RandoriSec can deliver tailored trainings depending on your needs, don’t hesitate to contact us


SecOps / SecArch


Our experts can help you on:

  • Security architecture
    • Oversee the creation, the use and support of security platforms
    • Assess the security levels and standards of the system and insure operating systems are compliants to the norms
    • Come up with an analysis of the needs for security and changes in the security architecture to hand out to developpers and product team
  • Security operations
    • Operate theats and vulnerabilities management systems, NexGen firewalls, IDS/IPS systems, Cloud and Endpoint security
    • Take part in the incident response strategy
    • Collaborate on penetration testing and carry out phishing exercises
  • Project management
    • Work alongside and in partnership with the sales/support teams to provide them with insights on how to best use security solutions in complex environments
    • Be involved in the creation of metrics, policies and security norms