Our mission is to help companies and international institutions make the right strategic decisions and protect themselves against espionage and cybercrime.
Security management must be transversal (business, technological, physical, human, legal, etc.) and be based on the continuous assessment of risks and the monitoring of their effective reduction.
Risk analysis and assessment methods (EBIOS, ISO 27005) applied to the most sensitive perimeters make it possible to identify the essential assets to protect, to map the technological, physical and human components involved, and to identify their exploitable vulnerabilities and the threat sources to be controlled first. Risk monitoring dashboards can then be set up to communicate better with strategic management and business lines, prioritize projects and objectively evaluate their effectiveness in terms of security.
Choosing a risk treatment process and the relevant security measures, and clearly identifying areas of responsibility, requires transversal, informed handling and must be supported by the highest level of management. To support this type of governance, the principles of setting up an ISMS (ISO 27001/2) and of continuous improvement (PDCA, ISO 27003, CMM) bring better internal collaboration, better management of resources and costs, and a way to reassure clients of the value delivered.
Finally, the most relevant security standards can be used on a case-by-case basis to select best practices, reuse a recognized formalism and communicate more easily in terms of compliance (ITIL, GDPR, IES 42443, Cloud alliance, 20 CSC...).
These principles can be packaged as short audit engagements or as ongoing consulting:
Risk analysis, impact assessment, threats and vulnerabilities (targeted scope)
Security maturity audit (CMM vs. best practices: ISO 27002, 20 CSC, ITIL/SecOps...)
Internal compliance audit (GDPR, ISO 27001, PCI-DSS, SDL/Security by design...)
Implementation of management techniques (RACI) and security policies (international)
Security Governance Council (CISO, CSO, CTO...) and Change Management (KPI, ISMS)
Regardless of the maturity of the organization and the quality of its technologies, security depends essentially on people (administrators, developers, users, managers...).
To fundamentally improve the security and resilience of your organization, it is necessary to spread a risk culture to every business function, to involve management in changes affecting staff, to offer specific training for each support function, and to simulate attacks in order to evaluate vulnerabilities and incident response.
Many media and platforms exist to run campaigns (events, posters and newsletters, eLearning, phishing platforms...), but overall effectiveness will reside in the transversal management of programs (IT security, industrial, physical, HR, suppliers...), linked to risk analysis (feared scenarios, critical vulnerabilities, threat sources), coordinated with security projects (IT, site security, supplier SLAs, legal...) and technical audits (pentests).
These principles can be packaged as ongoing consulting or as the setting up of a program:
Targeted risk awareness campaign (staff / process / critical context)
Attack simulation and resilience assessment (phishing, ransomware, DRP, media crisis...)
Implementation, training/certification and facilitation of the network of security correspondents
Setting up of platforms (eLearning, blogs, helpdesk...) and measurement tools
CISO/CSO/CTO coaching and facilitation of reviews (objectives, KPIs, audits, incidents...)
Our team can carry out technical administration tasks for you, such as the administration of internal and external Linux servers, the hosting of web and network applications, and the transition to open-source solutions (Active Directory, VPN access, monitoring, etc.). We also offer support for the cloud migration of your services and workstations. Based on our experience in computer security, our administration processes include high requirements in terms of protection and threat prevention.
RedTeam mode: an intrusion test on an undefined perimeter; it is the closest thing to a real attack. The goal is to compromise as much data as possible or to penetrate as far as possible into the target's institutional system. Our team looks for every weak point that allows it to advance its attack. The team does not dwell on an exhaustive analysis; its goal is simple: to compromise a maximum of information without raising suspicion. It lets you test the responsiveness of your teams in charge of security and thus learn more about your security, but above all it reflects your true exposure to a real attack. Your security level depends on the security level of your weakest link.
BlackBox mode: an intrusion test on a defined perimeter, without any technical information on the target. The approach is the same as for the RedTeam mode, but it is restricted to a site, an environment, an application, a network...
In collaboration with the various project actors (designers and operators), we carry out interviews and a documentation analysis, complemented by technical observations (White Box, Blue Team), to obtain a coherent snapshot of the security level.
We perform code audits to identify design and implementation vulnerabilities or to carry out pre-release checks. Our technical teams also specialize in finding zero-day exploits. We carry out forensics and data recovery on any type of media, damaged or not, and on any type of logical medium: hard drives, smartphones (Android, iOS)...
Our R&D team helps you realize all your ideas and concepts. We assist you with, or carry out for you, the development of functional prototypes. Our teams are as experienced in low-level development as they are in mainstream application development.
We take cybersecurity into account right from the design phase. We help you from the definition of needs and threats through to deployment and integration monitoring. Every use case is studied and detailed to provide the best solution for each issue.
Companies too often rely on detection and prevention technologies focused on frontal exploits (strong signals). However, an attacker who has entered your network generally takes care not to trigger alarms of this type and tries to stay under the radar, generating only weak signals. We help you set up solutions for detecting these signals. We also help you create specific logging, analysis and baiting strategies to detect intrusion attempts quickly.
We help you define your needs and deploy solutions for the processing, storage and exchange of sensitive data in a dedicated and highly protected Information System. Learn more about SanctuarIS.