Cyber Security Audit
Offensive Security Audits are at the forefront of our security practice. A cyber security audit is a complete approach to understanding your current security posture and the potential in which a malicious attacker (internal or external) could compromise your organization’s capabilities. Security Audits can be deployed against internally accessible or externally available systems, structures and infrastructure elements. At Cytelligence, we want to help you improve your security posture to reduce the chance of a breach situation.
- Determine potential threats your organization or industry might face from an attacker.
- Determine the depth in which corporate espionage can be performed by your employees.
- Understand the strength and weakness within your physical security controls.
- Identify vulnerabilities in your organization that could compromise your capabilities and damage your reputation.
- Validate existing security controls and monitoring capabilities.
“Offensive Security Audits are an assertive and proactive measure by your organization to understand your current security posture. They are about enhancing your level of security fitness by identifying both strengths and weaknesses, recognizing what you do well and improving the elements that reduce risk.”
– Alexandre Larocque, Director, Advisory Services
Our Offensive Security Audits can include:
- Digital Social Engineering (Phishing) campaigns that utilize e-mail, SMS messaging and USB activity to gain confidential information and access through employees.
- Physical Social Engineering campaigns which involve access to your organization’s physical locations to gain access to people, systems and services in a covert manner; to gain confidential information; escalate privileges; and compromise your organization’s capabilities.
- Penetration Testing involves the discovery and exploitation of vulnerabilities within an organization’s infrastructure, services and systems. Once exploited, our team works towards a clearly defined post-exploitation goal including accessing confidential information, escalation of privileges, system pivoting, denial of services and occupation of systems.