google

Penetration Testing.

  • Protect website or clean it from malicious code.
  • Defending the server or website against DDos attacks.
  • Security of the internal network of enterprises.
  • Complex solutions for website and server pentesting.

Advantages

  • Information on the site is secure.
  • Stable operation of the site.
  • Stable operation of the server.
  • Elimination of the consequences of hacker attacks.
  • Data recovery and data deletion.

Express analysis

10-20 days
The analysis can be preordered in order to understand if there is a necessity of security audit in your company.
  • Basic 200 checks of the site and server

  • Reporting vulnerabilities found

Server security audit

15-30 days
Server full auditing on all known directions.
  • Check the relevance of the operating system and the patches,updates

  • Check for vulnerable software on the server

  • Verifying DNS configuration

  • Verifying SSL,TLS configuration

  • Analysis of the relevance of the software

  • Port scan

  • Check on the possibility of organizing a DOS attack using minimal resources of the attacker and vulnerabilities of the system

  • Test for resistance to DDOS

  • Search for bugs affecting work of the server

  • Finding malicious code and shell in the processes and hard disk

  • The analysis of the topology of the network and its security

  • Сheck whether you can manage the server outside the scope of access specified by the customer

  • Brute force of all used protocols and authorization systems on the server

  • Semi-automatic and automatic work on finding vulnerabilities

  • Vulnerability scan server services and components

  • Server check on the possibility of obtaining confidential information

  • Check all available software on buffer overflow

  • Identifying atypical behavior and incorrect server responses

  • Checking for vulnerabilities in global databases

  • Modeling attacks on link layer protocols - ARP, CDP, STP, VTP

  • The analysis of rights to documents and common policy of work with documents and folders

  • Analysis of the ability to run commands remotely

  • Network interference when there is possibility

  • Check the security policy of the server and strategy development

  • Check for logical errors server settings

  • Social engineering

  • Search for unclosed repositories

  • Analysis of server management system and server virtualization

Recovery of deleted data

5-15 days
Use of modern technologies on data recovery.
  • Restoration of intentionally deleted files using software

  • Recovery of accidentally deleted files using software

  • Physical hard drive recovery

  • Recovery of files from SSD

  • Recovery of files from memory cards

  • Recovery of files from CD/DVD

  • Recovery of files from Flash drive (USB flash drive)

  • Recovery of files from damaged or broken devices

  • Data recovery from Raid Array

  • Restoration and finding lost files

  • Data recovery with non-working PC

  • Trying to restore encrypted files

  • Help in restoring lost passwords to your mail (required: confirmation email)

Data deletion

from 3-12 days
Completely erase the data beyond recovery.
  • Destroying data from hard drive beyond recovery

  • Destroying data from USB beyond recovery

  • Destroying data beyond recovery

  • Instructing on data encryption

Cleaning and protection from viruses on the server

from 5-12 days
It will help to clean your server from malware.
  • Audit server for malware (malware invasion)

  • Steps for detecting pathways of malicious software on the server

  • Develop an algorithm for cleaning the system from the effects of a virus attack

  • The package of measures for preventive protection of the server and website attacks

  • Recovery of damaged files

  • Recovery of damaged database

  • Recovery of deleted or copied database

  • Analysis of system logs, identifying exploit and the attack algorithm

  • Calculating the cost and the amount of work to address all known vulnerabilities that caused the attack

  • Update system and software installed on the server

  • System Status Monitoring

  • A detailed report on all detected viruses and attack classification –if it is a targeted attack or not

  • Installing a basic protection on the site/server that reduces the risk of getting malware

Protection of personal computer

from 3-12 days
The range of measures on minimization of risks on your computer.
  • Speed up your PC by optimizing installed software and hard disk space usage

  • Check PC for malware (malware invasion)

  • Analysis and deletion of malware

  • Installation of protection on PC

  • Setting a security policy on PC, on the network

  • User consultation on protection and PC optimization issue

  • Notifying users of impending attacks

  • Analysis of the software installed on a private PC

  • Analysis of the data transmission systems and cables within the object

  • PC system and event logs analysis

  • Infected files treatment

  • Deleting potentially dangerous software or moving it to quarantine

  • Identification of possible local or global attacks on the user's machine

  • Development of secure passwords storage and system for generation of most complex passwords

  • Update system and software installed on the server

  • Install proactive protection systems

  • Safe work in the system of instant messaging

  • Security levels set by the administrator

  • System Status Monitoring

  • Phishing resources database with automatic update

  • * Optional - creating database and files backups in the cloud

Protection of the individual from identity theft

10-12 days
A range of measures related to the protection of social engineering and data leakage.
  • Check for identity theft

  • Analysis of social networks, personal accounts on messengers and possibility for hacking or abuse

  • Mailbox Security Audit

  • Client’s corporate mailbox security audit

  • Analysis of the potential leakage of personal information or confidential data

  • Monitoring negative reviews

  • Legal aid to fight back against Internet defamation

  • Audit and analysis of personal devices, gadgets and installation of effective protection

  • Analysis of personal mail for targeted attacks (viruses, fakes)

  • Monitoring identity theft issue and notifying of potential threat

  • Development of the confidential file storage strategy

  • The range of measures to protect against fraud

  • Comprehensive consultation on the subject

Protection from DDOS

30 days
Installation of a full system of protection against this type of attack.
  • Protection against known attacks through vulnerabilities of other servers

  • Readiness to protect against SYN-flood, UDP-flood, ICMP-flood, Logical flood, MAC-flood

  • Protection from attacks on all protocols used on the server

  • Resource audit for the presence of internal overload provoked by buggy software

  • Monitoring and warning of attacks

  • Installation of individual protection for each client

  • Configuration and optimization Nginx, Apache, other servers to work properly with network packages

  • Search for help and solution to the problem when software causes recursive queries and high load

  • Help to ban bots that collect information from the website and overload it.

  • Systems of analysis and monitoring of server and operating system errors

  • Analysis and monitoring system

  • DNS server protection

  • Installation of protection systems against local DDOS attacks

  • Notifying when the site is down, and when it is up again

  • Identify ways of tracing the real server IP and preventing the possibility of such actions

  • Protection from Slow response attacks

Protection against website and server hacking

30 days
Short description of the package
  • Protection from scanning server vulnerabilities

  • Update Software for any CMS including custom CMS

  • Update server software and upgrade operating system if necessary

  • Notification of the hack or hack attempts

  • Monitoring of attacks on the server

  • Consultations in the field of hacking using social engineering

  • Protection of game servers

  • Installing the server protection systems and tools for control the possible attacks

  • Controlling leakage of corporate data across different data transmission channels

  • Setup of secure data transmission using certificates and protected channels

  • Help to ban bots collecting information from the website and parsing it

  • Notifying when the site is down and up

  • Installing WAF protection systems

  • * Optional - creating database and files backups in the cloud

Portfolio

15+

Years of experience

300+

Finished projects

200+

Clients

Additional services

Comprehensive security audit of the enterprise

Whitebox testing code

Consultation on security

Auditing and testing resource security

Our clients Our clients

GUARDLEX
API ASF
TREE DOCTORS
PRIVATBANK
TELEGRAM
CYBER POLICE
IPO CONSULTING
IMEKSBANK
MIRATON
LONE STAR COLLEGE
CMR CONSULTING
INSIGHTLY
ZOSIA
Startime Group
Ria ua
E-ton