The starting point is on Security

What do we use?

Evolutionary audit ZeedSecurity (Secure Solutions SL) of which Alxia is Partner, It has been developed as a helpful tool to check the status of internet information services: Websites, ERP, CRM, Intranet, application server / is movable, etc.

How is it done?

It is a two-phase audit based on the UNE-ISO / IEC standard 27001:2007, the OpenSource Security Testing Methodology Manual and the recommendations of the Open Web Application Security Project (OWASP). During the two phases, the state of your systems is analyzed using Artificial Intelligence that applies testing methodologies., verification and validation of threats recommended for your company's industry profile. For this reason, our audit is unique for each company..

PHASE 1

Audit and document generation

PHASE 2

Evolutionary monitoring

The duration of this phase is one month, during this period a number of sequential tests are performed, optimizing the results to the profile of your company. To do this, the following actions are carried out:

  • Definition of the audit plan.
  • Client system identification.
  • Gathering evidence.
  • System analysis.
  • Preparation of the audit report with the recommendations to be implemented.

 

This phase will occupy the following remaining months corresponding to the duration of the service. Its objective will be to control the application of the corrective measures altered during the Phase 1 of the Evolutionary Audit as well as the detection of new threats published during the period between reports that put the company's infrastructure at risk. For this, the following actions will be carried out:

  • Validation of the application of the recommended improvements.
  • Detection of new threats.
  • Control of changes in the security status of your Web services.
  • Evolutionary adaptation of the audit to the new methodologies applied by cybercriminals.
  • Regular delivery of executive and technical reports on the status of the service.

Follow-up technical documentation

The reports obtained in the audits will be available to help your technicians to implement the improvements in their Web services. As well as the telephone support service by the auditor that has generated them.

Confidentiality pledge

Both the technical staff directly involved in these services and the company managers will keep all data and documents confidential..

Share

Leave a Reply

Your email address will not be published. Required fields are marked *

Uso de cookies

Este sitio web utiliza cookies para que usted tenga la mejor experiencia de usuario. Si continúa navegando está dando su consentimiento para la aceptación de las mencionadas cookies y la aceptación de nuestra política de cookies, pinche el enlace para mayor información.plugin cookies

ACEPTAR
Cookie warning