Cybersecurity services

Security audit

We offer extensive security audits of complex IT systems and networks.

The Cryptomage team has extensive long-term experience in the technical and business aspects of cybersecurity. We constantly develop our skills and ensure the quality of the products we provide. Our team`s expertise is proven by their involvement in the biggest projects for customers all over the world.

We always perform projects with the customer based on an agreed methodology, usually based on PRINCE2 or SCRUM.

Cryptomage takes full responsibility for the delivery of all contracted work. We conduct all the necessary tasks that are required for successful project delivery, including project management, analysis and implementation, as well as:

  • Business needs and technical analysis.
  • As-is and to-be model analysis.
  • Project implementation supervision.
  • Source codes audit.
  • Acceptance tests.

Security management

We believe that ensuring customer security begins with analysis at the organization level, including threat susceptibility identification, risk assessment and drawing conclusions.

Only after conducting an extensive organization and ICT systems environment analyses is there a possibi- lity to implement security procedures and technical security measures.

Our work includes complex security management at the organizational level by providing domain knowled- ge and delivering documentation such as:

  • Information security policy.
  • Threat susceptibility analysis.
  • Development of security procedures, including procedures needed for ISO 27001 certification.
  • Extensive risk analysis for the organization.
  • Identification of technological risks in the existing organizational ICT environment.
  • Development of classified information security procedures (incl. NATO/EU regulations).

Project initiation and planning

The key factors for project success are solid, profes- sional initiation and planning. We offer complex sup- port in project planning including the following areas:

  • Complex security architecture development.
  • Technical project description delivery (in scope of cybersecurity domain).
  • Technical description development for the RFP/RFI, including public procurement requirements.
  • Multisystems environment integration security plan development.
  • Assurance of project compliance with formal stan- dards and legal requirements.
  • Project plan development.

Our team has extensive experience in managing and delivering every phase of projects both for commercial and public customers.

Project supervision

The scope of our services include the supervision of the project`s general contractor work, including:

  • Supervision of standards and legal requirements compliance in the cybersecurity domain.
  • Operational audit.
  • Performing tests as an external tester, including penetration tests.
  • Steering committee meetings attendance.
  • Project and technological risks reporting.

Penetration tests

We execute penetration tests using automated tools and manually by experienced experts. The result of the penetration tests is an extensive report including security loopholes identification, threat susceptibi- lity, major risks assessment and conclusions in every analyzed area.

Our offer includes a full range of penetration tests in the following areas:

  • IT systems: e-banking solutions, webpages, web portals, other software.
  • Server and network infrastructure.
  • Desktops.
  • Human factor threats.

Credible expertise

We also offer specialized expertise in most cybersecu- rity domain areas, including:

  • Intrusion analysis.
  • Analysis of information leaks.
  • Expertise for courts and prosecutor offices.
  • Expertise for the public procurement court.
  • Verification of formal RFP description, including public procurement procedures.