A security audit provides you with a deeper understanding of your assets' security level. Assessments are mainly based on well-know security standards. Our experts can offer assistance on the following types of audits:
Infrastructure Review
This review enables you to assess the technical and organizational measures of your infrastructure. The assessment can be based on the ISO standards (27 001 and 27 002) or on the internal standards of your company. The objective is to evalute the compliance level of your infrastructure in comparison with the targeted standard.
Configuration Review
This review enables you to evalute the configuration of an asset (server, firewall, router, etc.) compared to the best practices provided by the community (CIS, NIST, ANSSI).
Code Review
The goal of the code review is to perform a static analysis of the source of your application (Web or mobile). The audit follows 2 main steps. Firstly, the analysis is performed using only automated tools in order to identify the most common security issues. Secondly, a manual analysis is conducted against the sensitive sections of the application.
Compliance Audit
A compliance audit enables you to assess the level of compliance of your information system against the security best practices (ISO 27 001/27 002 standards or your own standards).