GIAC Certified Penetration Tester (GPEN)
GIAC Web Application Penetration Tester (GWAPT)
GIAC Exploit Researcher and Advanced Penetration Tester(GXPN)
Certified Ethical Hacking (CEH)
Certified Information Systems Security Professionnal (CISSP)
Pen testing and vulnerability assessment services are performed by a team of experts who are aware of the latest threats and who knows the vulnerabilities exploited by hackers, by maintaining a constant lookout. These specialists, who slip into the skin of a hacker, have specialized training and certifications such as:
Our certifications
Some interesting statistics
77 % of organizations
in the world have been victims of one (or more) successful cyberattack in 2017
50% of web application attacks were SQL injections
An SQL injection therefore consists of adding additional code to the entries. If no precaution has been taken in the script to anticipate such situations, the code will be executed, with all the dangers that entails.
48 % of security incidents
Are committed by hacking. With more than 53,000 incidents and 2,200 violations,
With certified experts, a framed approach and an exclusive methodology
Whether protecting against threats or complying with the standards required by their industry, organizations must put in place preventative measures to ensure that their networks and applications are properly secured.
The vulnerability assessment allows to initiate the process by checking if the applications have exploitable flaws that could make the technological environment vulnerable. Intrusion tests then go further by attacking, in a controlled manner, applications and systems that support different business needs in order to validate their resistance. The results of the analysis and the tests carried out then highlight areas for improvement and detailed recommendations aimed at countering the vulnerabilities discovered.
The team of HDCE, composed of several experts and dedicated specialists, has to its credit several hundred tests of intrusion and vulnerability assessment carried out in recent months. Although positioned as the reference in the field of games and lotteries, the team has been called upon to work in the fields of media, health, energy, finance, transport, government services,
education and many others, both internationally and nationally.
For example, HDCE services were selected as part of the intrusion tests and vulnerability scans required by the NERC CIP standards in the energy field and the PCI standard for payments online.
Protection of test data
Throughout its intervention, HDCE applies strict measures to protect the data collected or used by encrypting stored and transmitted information. Authenticating all users with access to test systems, and ultimately declassifying the data from the test environment. This formal commitment and the tools used to achieve it add significant value.
Effectiveness and usefulness of the report
The analysis report is more than a simple inventory. It details the detected vulnerabilities and classifies them by their level of criticality, according to recognized standards such as the Common Vulnerability Scoring System (CVSS). But the intervention of HDCE experts does not stop there. In addition to identifying the flaws, documenting them with concrete evidence and proposing mitigation solutions, the reports propose, based on a prioritization strategy from the CVSS, a recovery plan that presents the necessary actions required in a structured and concrete way.
Achievements
To this day, HDCE has carried out multiple intrusion testing and application security reviews for both national and international organizations working in the fields of healthcare, online games, energy, transportation, education and finance. HDCE offers significant added value over vulnerability scans by performing security assessments that include:
© HDCE, 2015 - Tous droits réservés/ Copyrights