YOUR UNIQUE PARTNER FOR
Discover vulnerabilities and weaknesses within your external perimeter by simulating attacks that would be performed by external attackers against your exposed systems, such as Web and Email servers, along with any remote access services.
Evaluate your security level with respects to a malicious insider, a virally compromised workstation or even temporary access to your network by your partners and consultants.
Perform an in-depth analysis of an application by not only assessing its resistance towards unauthenticated attackers, but also towards legitimate users by analysing whether access control mechanisms are properly setup to prevent privilege escalation and unauthorised data access.
Assess your employees' awareness towards online social threats such as spear-phishing and social engineering by simulating these types of attacks in a controlled environment. These tests can take the shape of generic spam emails or more targeted and tailored attacks against your company.
Red Team Audit
By combining social and technical attacks and reducing the general limits imposed on penetration testers, a red team attack is the closest type of attack to current real world threats. This type of attack also provides a realistic way of assessing whether your detection capabilities are up to par and whether you would be able to detecting and responding to a real intrusion.
Audit Purple Team
During a purple team audit, SCRT engineers and your company's blue team work hand-in-hand in order to discover and exploit weaknesses within your infrastructure, all the while analysing whether your detection mechanisms are able to spot the various attempts, whether they are successful or not.
Support and maintenance
SCRT provides assistance services on the whole range of products for which it is a partner.
We help you design and/or plan your information system in a secure way while taking into account your specific constraints.
Regularly track vulnerabilities impacting your information system. Our insights allow you to prioritize remediation for critical findings.
IRFA : Incident Response & Forensics Analysis
A security incident is the source of stressful situations in which the teams of the company concerned must make quick and precise decisions. With IRFA, SCRT supports you by considering the risk of an event and setting up a mechanism to deal with it. We provide the assistance of qualified and specialized engineers in known response times on pre-established conditions.
Mobile devices ARE ubituitous in enterprise environments. If there is a suspicion of hacking or compromise, SCRT can test your devices to assess their integrity and uncover any traces of malicious activity.
Thanks to its unique experience, SCRT is able to analyze unknown strains of malware to identify their key elements, such as their behaviour and sometimes encryption keys. SCRT can also put their reverse engineering skills in use to assess the security level of compiled applications, whether they be written for Windows, Linux, Android or iOS.
SCRT Security Apps for Splunk
Maintained by SCRT Security experts
Maintained and upgraded by SCRT security experts, these security-centric Splunk applications provide a set of relevant and effective dashboards and use cases.
Robust Splunk Applications
Thanks to our efforts and our investment over time, SCRT has developed robust applications that include services such as policy collection for Windows and Linux, log optimization and dedicated dashboards.
Add SIEM to Splunk
SCRT enhances SIEM Splunk capabilities with the development of Security-Focused Splunk Applications
Follow-up on-site meetings
Specific IoCs made available on your SIEM instance
Specific use-case coverage
Technical reviews on principal malware
ISO 27001 accompaniment
Information is vital today for any organization and a lack of adequate protection of its confidentiality, integrity and availability will have significant impacts. Given the increasing complexity of information systems and the threats that surround them, a structured approach to providing knowledge and managing security is essential.
The implementation of ISO 27001 requires the establishment and operation of an Information Security Management System (ISMS) providing a process framework for the implementation of compliant IT security. cultural and operational aspects of the business.
Identify compliance requirements (legal, contractual, regulatory)
Reduces information security risks
Cost reduction through risk-based security management
Reduces the likelihood and impacts of security incidents
Structured and coherent approach
Comprehensive risk assessment
Measurable and demonstrable safety
Give visibility to suppliers and customers
Get management support
Identify the objectives of the company
Define the ISMS perimeter
Establish ISMS policies, procedures and key performance indicators
Establish the risk assessment methodology
Manage risks and create a treatment plan
Implement and use ISMS policies and procedures
Monitor the ISMS implementation
Creation of supervision reports
Take corrective and preventive measures