Contacts Customer login
ENG
Search
ENG
Back

Information Technologies

Penetration Testing and Security Assessments to Protect Your Business

Are Your Digital Assets Vulnerable to Cyber Attack?

The world of cyber-security is always evolving, adversaries do not rest and in today’s world of e-commerce, incidents of personal data breaches, intellectual property theft, ransomware attacks are more and more common. Therefore, data security is of key importance for long-term success of an organization.

Responsible organizations invest heavily in protecting their digital assets, but all too often they simply take the security of their assets for granted and do not take steps to test their defenses to ensure that they are still strong and up-to-date.  

Penetration testing by SIQ Ljubljana can help to ensure that your data is properly protected. 

Information Technology Assessment

SIQ Ljubljana

Pentest approach

Our security assessment service is designed to detect potential threats and the related risks to information security. We use our knowledge of advanced persisted threats (ATPs) and the tools, tactics and procedures that real malicious actors would leverage, in order to thoroughly test your organization’s cyber defenses. Detailed security assessment/penetration test can help you to:

  • Ensure that every aspect of cyber security is covered
  • Determine cybersecurity level and exposure of critical assets
  • Readiness to detect and mitigate cyber-attacks
Pentest approach

What you get with pentest

  • Cyber Risk Analysis
  • Report with an executive summary (OWASP and OSSTMM methodologies).
  • Technical documentation for reproducing findings.
  • Strategic recommendations.
  • Accredited reports in case of an assessment conducted according to EN 18031 / EN 303 645 standards.
Pristop penetracijskega testiranja

Pentest services overview

Our penetration tests are tailored to your business or organization specific needs to provide cost effective solution. Methodological approach rules out possibility of false sense of security and guarantee results consistency, so you can rely all vulnerabilities were found.
Suggested organizational structure, project approach, and selected methodology ensure that all procedures and results are carried out and processed according the acknowledged standards and are possible to analyze and review.

Security Assessment Goal Benefit

External penetration test

External penetration test

 Try to exploit “crown jewels” on external infrastructure (servers, applications, or even people). Provide you with proof of what assets can be compromised by an attacker.

Internal penetration test

Internal penetration test

 Check the effectiveness of internal security controls against an attacker or disgruntled employee with access to internal network resources. Harden your internal infrastructure network and ensure compliance with industry best practices.

Web Application penetration test

Web Application penetration test

 Find a vulnerability in an application that enables unauthorized access and modification of data. Uncover application vulnerabilities and identify problems you did not know exist.

Mobile application penetration test

Mobile application penetration test

 Find a vulnerability in a mobile application that enables unauthorized access and modification of data. Uncover application vulnerabilities and identify security controls you need to implement.

Software review / Functional testing

Software review / Functional testing

 Check if the software performs only documented functionalities. Ensure software-specific requirements or goals are met.

IoT and embedded device

IoT and embedded device

 Determine the security of IoT devices and their associated services. Understand the threats connected devices can pose to consumers.

 

IT audit services overview

Information systems are inextricably embedded in all types of an organization’s business processes. Without a reliable, well managed, and safe information system, we can no longer imagine a day-to-day business. IT audits evaluate the information system’s internal control design and effectiveness and can be used as a tool to reduce the possibility of incidents that could affect the confidentiality, availability, or integrity of the data. An IT audit presents a systematic and professional assessment of technical and organizational controls in the organization’s information system. Its purpose is to verify compliance with the rules, standards, and good practices in the field of information technology.

Security Assessment Goal Benefit

Information Technology Audit (COBIT) 

 Find controls that reduce the risk and increase the efficiency of your IT.  Develop, implement, monitor, and improve your IT governance and information management.

Information Security Management System Audit (ISO/IEC 27001)

 Find out what are the strengths and weaknesses of your organization based on ISO/IEC 27001.  Gain detailed descriptions of the findings and recommendations for improvement of the organization’s IT infrastructure and processes. 

IT Service Management System Audit (ISO/IEC 20000-1)

 Find out what are the strengths and weaknesses of your organization based on ISO/IEC 20000-1.  Gain detailed descriptions of the findings and recommendations for improvement of the organization’s IT infrastructure and processes.

Business Continuity Management System Audit (ISO 22301)

 Find out what are the strengths and weaknesses of your organization based on ISO 22301.  Gain detailed descriptions of the findings and recommendations for improvement of the organization’s IT infrastructure and processes. 

IT Project Management Audit 

 Determine if a project management framework for IT projects is established and operating effectively.  Verify compliance with the rules, standards, and good practices in the field of IT Project Management. 

Software Audit Review (functionality, security) 

 Find out what are the functional and security advantages and disadvantages of your software. Gain an independent evaluation of the conformance of software products and processes to applicable regulations, standards, guidelines, plans, and procedures. 

Certification according to eIDAS Regulation 

 Implementation of Legislation Provisions of Electronic Identification and certification.  Provide qualified services based on demonstrating compliance with the requirements. 

IT Audit according to local legislation 

 Find controls based on applicable local legislation, and gain an independent evaluation.  Gain an audit report with detailed descriptions of the findings and recommendations.

 

Proactive Defense For Your Organization

Our team works tirelessly to stay up to date with the most recent tactics, techniques, and procedures.

We have knowledge of general threats and industry-specific issues and can provide immediate fixes and long-term best practices to maintain the security of information systems.

The team consists of security experts holding more than 30 internationally recognized security certificates and with years of experience in the field. 

 

Information Security Certification

With regulated and certified management systems in the field of information security, you build a long-term defence against unexpected events, intrusions and unwanted changes and, as a result, improve the level of information security in your organisation. By doing so, you ensure business continuity, which today is crucial to maintaining reputation and trust.

Find out more

Some of Our Partners

Let's start a project together

Do you have a question regarding information security? We are looking forward to hearing from you and will get in touch with you right away to discuss further details.

Contact us