"The best professionals using the best standards and methodologies"

 

  • Information Security Governance

    Advisory services dedicated to IS Governance Management, from Policy to Procedures development, Maturity Assessments, ‘as-a-service’ support for the upper management roles and development an information security strategic planning/roadmap within the organization’s governance framework reinforced on information security programs. Aiming to provide C-level support on information security objectives and progress measurements to raise security levels within an organization.

  • Privacy, Risk and Compliance Management

    Auditing and management of compliance with International Standards such as PCI-DSS and ISO/IEC 27001, and Regulatory Compliance such as the General Data Protection Regulation (GDPR).
    Management of Privacy and Data Protection, from the execution of a Data Privacy Impact Analysis (‘DPIA’ or ‘PIA’), to the full definition of the DPO role and Data Protection requirements for GDPR Compliance.

  • Learning and Training

    Area including tools for e-Learning and Gamification, as well as the development of contents for Information Security and Privacy Awareness, including planning and management of the Awareness Program.
    In this area, we include Technical workshops for several topics such as Secure Coding and Secure Software Development Lifecycle (SSDLC).

  • CSIRT Services

    Professional Services dedicated to support the Computer Security Incident Response Team (CSIRT) or internal Security Operations Center (SOC).
    This area offers a service model for SOC ‘as-a-service’, SIEM and Log Management architecture and use-case development, and on-demand Forensics investigation for Security Incidents.

  • Ethical Hacking

    Technical Auditing projects led by a highly skilled team with experience in testing infrastructures, web and mobile application across a wide range of National and International Organizations.
    These services are performed in alignment with business or risk management needs, mapping vulnerabilities into business risks, classified according to international standards (OWASP, CVSS, CWE and others) and including mitigation proposals.