Cyber Defence Services

vector-synergy-experience-loyalty-perseverance

In Vector Synergy, Cyber Defence services are more than just advanced solutions ensuring peace and IT security of an organisation. This is, in the first place, the philosophy of operations, which leads to joint development of the most effective system ensuring cyber security of Client’s organisation.

Vector Synergy configures and delivers optimum and best matched solutions, ensuring this way the highest – world-class level of Clients’ IT security.

Vector Synergy constantly seeks the right solutions. Entrusting us with the responsibility for detecting and responding to network incidents, Clients get confidence that their data shall remain confidential, integral and available. Multi-level security that we deliver, provides peace and IT balance and ensures the expected safety.

Offering of Cyber Defence services

Vector Synergy offering as regards Cyber Defence includes the following:

  1. IT security consultations
  2. Penetration tests
  3. IT investigation with data recovery
  4. Rapid Reaction Team, i.e. constant or periodic monitoring of organisation’s security
  5. IT security training

vector-synergy-security-circle

Recipients of Cyber Defence services

  • Cyber Defence services of Vector Synergy are addressed to organisations, businesses and companies aware of the value of know-how and importance of their mission. Jeopardy is represented both by distribution and outflow of confidential information, but also discontinuity of access to services.
  • Services of Vector Synergy are so wide that they are addressed to all organisations, businesses and people using computers, electronic mail, Internet. To all who want to take care professionally of both business and personal data.

Services

Penetration tests

The real assessment of IT security status is presented by Penetration Tests, which are a perfect tool diagnosing security measures existing in an organisation.
Penetration Tests are based on running a simulation of a real attack on network systems operating in a given network, on applications and people (external and internal) without the knowledge of the Client’s internal IT structure. They are applied to detect security gaps in a company’s network. They facilitate assessing susceptibility and resistance to attacks and indicating how far a real attacker could go in case of a real attack on a computer network.

The diagnosis made with the use of Penetration Tests facilitates developing awareness of dangers as well as fast and measurable identification of priorities in respect of security related actions.

There are two approaches to penetration tests:

  • white box – a pen-tester receives a range of IP addresses to be tested
  • black box – a pen-tester only receives the name of a company, the data of which needed for tests should first be identified.

Network penetration tests

Purpose of the service:

  • Simulation of a real computer attack on network systems operating in Client’s computer network.

Client benefits:

  • delivering information on system susceptibilities and possibilities of using them to acquire unauthorised access to protected data
  • identifying weaknesses of IT infrastructure
  • supporting the process of priority setting in risk management
  • effective allocation of capital expenditure so that the largest amounts are appropriated for the most jeopardised network elements
  • assessment of the rationale of investment in advanced technologies connected with IT security
  • meeting the requirements of legal regulations or regulations arising from other obligations of an organisation.

Application penetration tests

Purpose of the service:

  • Simulation of a real computer attack on applications operating in Client’s computer network.

Client benefits:

  • delivering information on application susceptibilities and possibilities of using them to acquire unauthorised access to protected data
  • identifying weaknesses of IT infrastructure
  • assessing susceptibility of an application available on-line
  • limiting potential costs of service discontinuity in case of a successful computer attack
  • assessment of resources necessary for specific software modules
  • increasing security level of both the Client and its customers

Social engineering tests

Purpose of the service:

  • checking the Client’s staff members’ resistance and reactions to applied social engineering techniques in order to extract any confidential information about the organisation, it’s systems, it’s infrastructure, it’s employees, or it’s customers.

Client benefits:

  • improving the staff members’ awareness of social engineering techniques
  • recognizing any potential social engineering techniques used to attack a given industry
  • making a quantitative assessment to show how many employees are vulnerable to attacks by means of social engineering techniques
  • identifying any vulnerabilities in the Client’s communication that may be used in social engineering attacks
  • assessing the viability of policies, procedures, and training provided to the Client’s personnel.

White box tests

Purpose of the service:

  • Detecting the amount of information and type of data on a company/person, which is publicly available.

Client benefits:

  • assessing the quality and amount of information available on-line on a company/person or family
  • assessing the difficulty level of a social engineering attack.
Investigation IT

A frequent impulse for starting actions connected with ensuring IT security in an organisation is a specific computer crime suffered by a company. In such situation, it is important to respond to an attack on time and to draw appropriate conclusions. The tasks of investigation IT include delivering digital evidence of committed IT crimes or computer abuse. For that purpose, search is conducted in line with prevailing legal regulations and evidence of crime is sought within computer systems, with the use of specialist software and hardware tools.

System verification

Purpose of the service:

  • delivering digital evidence of committed IT crimes or computer abuse.

Client benefits:

  • access to data and information constituting court evidence from the legal perspective
  • exact knowledge on how Client’s system have been penetrated, what susceptibilities have been used, what data has been stolen/manipulated or deleted from the system
  • possibility to secure one’s own system

Network verification

Purpose of the service:

  • delivering digital evidence of committed IT crimes or computer abuse
  • network verification may additionally indicate what, where, when and in what form has been sent/transferred from a compromised system
  • evidence that cannot be acquired with the use of system’s investigation IT may be supplemented with network’s investigation IT.

Client benefits:

  • access to data and information constituting court evidence from the legal perspective
  • exact knowledge on how Client’s system have been penetrated, what susceptibilities have been used, what data has been stolen/manipulated or deleted from the network
  • possibility to secure one’s own network

Data Recovery

Purpose of the service:

  • analysis of destroyed data carriers with a view to recovering lost data stored on a specific carrier
  • delivering lost data or parts of the data in a form as close to the original as possible.

Client benefits:

  • possibility to recover lost data (documents, pictures, etc.)
  • saving time needed to reproduce data (sometimes this can be counted in years).
IT security consultations

Many years’ experience, unique competence and perfect technical preparation form the basis, thanks to which we can precisely diagnose discrepancies between the existing Client’s IT security system and world prevailing standards in this respect.
Based on the analysis of existing network-service-system infrastructure from the perspective of security of information and data flow between systems, we develop and implement optimum concepts in respect of securing Client’s IT infrastructure and data according to a model “End-to-End Security”. We can develop modern and effective cyber security environment, based on proven and optimum solutions.

Analysis of existing IT infrastructure

Purpose of the service:

  • conducting an analysis with a view to assessing the existing security cover of Client’s IT infrastructure
  • demonstrating to a Client their existing security level and indicating whether and to what extent it may vary from currently applied world standards
  • demonstrating to a Client modern data and IT infrastructure security systems

Client benefits:

  • information on the status of security system in the organisation as compared to world cyber security standards
  • analysis of gaps in respect of cyber security as well as identification of specific scope of repair work to be implemented with a view to increasing IT security level.

Development of an architecture concept

Purpose of the service:

  • development of a security concept, which shall facilitate improving the existing status of Client’s IT infrastructure security
  • demonstrating to a Client a concept based on modern data and IT infrastructure protection systems
  • delivering to a Client a consistent and complimentary security concept.

Client benefits:

  • information on which system would be the most optimum so that the cyber security level could improve in the organisation in line with the world standards
  • development of a scope of work and auxiliary technologies to be implemented with a view to increasing IT security level.

Implementation of an architecture concept

Purpose of the service:

  • delivering the top class and the most modern solutions aimed at protecting sensitive and strategic data and information owned by a Client
  • delivering technologies which would not only protect data, infrastructure and users but would also provide information necessary to identify reasons for data losses / security breaches in case of a loss of data (intentional or unintentional).

Client benefits:

  • IT infrastructure security environment based on the most modern solutions
  • uniform and consistent security platform characterised with scalability, easy access and consistency
  • certainty that in case of an attack or data loss (intentional or unintentional), it will be possible to track the method of a breach / theft and to identify what data has been lost/modified/copied and what has happened with that data.

Why Vector Synergy

vector-synergy-introducing-balance-200

Vector Synergy secures balance

  • it ensures the best security solutions, planned and implemented by world-class certified specialists, with vast experience acquired in such organisations as NATO,
  • in crisis situations, Vector Synergy team shall ensure professional risk management, assessment and minimisation of losses, it shall conduct cyber-investigation with evidence collection and identification of what happened
  • it provides the best protection through monitoring of system operation and services available 24h a day.

Cyber Defence products

CDeX logo

CDeX

CDeX (Cyber Defence eXercise Platform) i.e. cyber training range, is a unique training system which helps increasing practical skills of specialists responsible for the security of tele-IT infrastructure in respect of detecting and responding to cyber-attacks.
The training takes place in real time.
The training involves a Blue Team (a defensive team) and a Red Team (an offensive team).

WIĘCEJ