Security audit
Synacktiv offers you the opportunity to evaluate your maturity level in cybersecurity by performing in-depth audits of the critical elements within your infrastructure or applications
Because they require a great knowledge and mastery of different technologies, technical security audits are often overlooked by companies in favor of penetration tests. At Synacktiv, we believe that securing an asset also involves understanding the way it works precisely.
EXAMPLES OF ENGAGEMENTS
- Audit of an operator's core network (configuration analysis of the firewalls, routers, switches, etc.)
- Audit of a connected CCTV system (physical security of the hardware, stream protection, robustness of the authentication interfaces, etc.)
- Audit of a network diode solution (hardware and software configuration, segmentation between network interfaces, etc.)
Tools
O-ditor (internal exploitation and analysis tool), Disconet, Kraqozorus,
regexp, scripting, database, elbow grease
Latest articles
Site Unseen: Enumerating and Attacking Active Directory Sites
Active Directory Sites are a feature allowing to optimize network performance and bandwidth usage in AD internal environments. They are commonly implemented by large, geographically dispersed organiza
...
What could go wrong when MySQL strict SQL mode is off?
This article shows some examples of attacks that can abuse MySQL behavior when the strict SQL mode is disabled, especially when string characters are invalid in the current encoding. This happens when
...
The Phantom Extension: Backdooring chrome through uncharted pathways
The increasing hardening of traditional Windows components such as LSASS has pushed attackers to explore alternative entry points. Among these, web browsers have emerged as highly valuable targets sin
...
Contact us
Do not hesitate to contact us to tell us about your needs. Our sales team is at your disposal to answer all your questions.
Team leader
Julien Legras
Business Contacts
