Audit & Control
Our Audit & Control service regards:
- Expertise in organisational audit, technical audit (configuration, architecture and code audit), pentest and Redteam
- A pragmatic approach tailored to the security goals, defined in liaison with clients
- Certified pentesters and auditors (OSCP, GXPN, CISSP, CISA, ISO 27001 Lead Auditor) who give precedence to human expertise
- A team well-accustomed to working in a critical environment, assessing and minimising the business impacts of intrusion tests and audits
- A method grounded in the market’s leading standards and the experience of our auditors
Which service will provide the best assessment of your security?
Our auditors assess how well the security of your information systems is managed in relation to the reference standards, your internal and sector-specific reference standards and your operational risks.
Our experts assess the technical and organisational security measures of your information systems in relation to security requirements concerning availability, integrity, confidentiality and traceability, while considering the threats that the system in question will be exposed to.
Our auditors test the implemented security configurations against internal policies and reference standards.
Our experts evaluate your web and fat client applications through industrialised static analysis, a human code review and a dynamic approach.
Working within a perimeter agreed with the client, our pentesters proceed in the same way as an attacker would. They can simulate attacks from outside and/or inside your network, or target specific systems and equipment. They help you to define scenarios and select the approaches (black box, grey box and white box) that will provide the best response to your security objectives.