Integrated and comprehensive approach

Our global security approach : PRONETIS adopts an innovative security approach based on risk analysis and identification of security objectives. It ensures a structured, coherent master security plan. The aspects of organization and management are strategic in the management of security information system. PRONETIS considers your cyber security strategy as a whole, rather than in individual silos. Our technical security approach : The best way to evaluate the security of a computer system is to try and get inside it. Therefore, a penetration test simulates hackers attack on a network, system, software or website. It is an independent assessment towards the level of security and an analysis of the risks associated with information assets of the client. Using the latest techniques and the most effective methods of hackers, our experts in Ethical Hacking perform techniques to reveal the flaws and weaknesses existing in an operational, technical and organizational level, and this before hackers find them.

Referential used

Security assessments are based on the frameworks and standards :

Information security risk management (ISRM) (ISO 27005 and EBIOS method)
Information Security Management System (ISO 27001)
Code of practice for information security (ISO 27002)
Technical references for vulnerability testing and invasive tests: OWASP, OSSTMM, SANS
“Le référentiel général de sécurité” – RGS for French organizations
Continuity plan: ISO 22301 standard

Security tools

Our security team uses a variety of tools depending of the objective of the mission :

Risk Analysis: specific tools compliant with ISO/IEC 27005, ISO/IEC 27002 and RGS standards
Penetration tests: specific tools, open source tools and community and commercial tools
Security labs: virtualized environments for making proofs of concept, investigations and demonstrations
Data modeling: specific tools for building complex data recovery plan (structure, type, depth, size, use)
Collaborative tools to conduct projects