We provide reactive forensic services (security incidents, digital investigations, computer forensics) and preventive services (preparation of personnel and systems to effectively address future attacks, which is one of the most important fields of cybersecurity).
Reactive Forensic Services
Response to security incidents
Have you detected a possible security breach?
Unable to access your systems or files?
Have you suffered a loss of data?
Do you need to present evidence in a judicial process or evaluate an expert report from the opposing party? We have dealt with thousands of cases and produced hundreds of expert reports, with 100% acceptance of evidence in the judiciary.
We help you improve your knowledge of cybersecurity, from the management layer (through awareness pills) to staff awareness or specific training for technical teams (incident management, forensic analysis, malware analysis).
There are different types of security audit and different approaches to carrying them out.
At INCIDE we base security audits on internationally recognized standards, such as OSSTMM, NIST SP 800-115, OWASP and the MITRE ATT&CK Matrix, among others.
The objective of a Red Team exercise is to test how well the Blue Team (the organization's defense team) detects attacks. To do this, the Red Team carries out an attack to compromise the organization, and the Blue Team, without prior knowledge of the attack, should be able to detect, identify and contain the threat. The key to these exercises is to be able to share ideas and solutions concerning the level of detection against advanced threats.
External hacking is an intrusion test that searches for entry points that could allow an attacker to access privileged information from outside the organization's systems. The objective is to identify points for improvement in the organization's systems.
Internal hacking is an intrusion test that searches for entry points that could allow an attacker to access privileged information from within the organization's systems. The objective is to identify points for improvement in the organization's systems.
Most security compromises begin with an external compromise of a user's machine in the organization, generally through an email or a visited link. An EndPoint audit is an exhaustive audit of one of the organization's standard machines, in which different standard vectors are tested to evaluate the protection measures of that EndPoint against different types and levels of threat.
It is usually an ideal test if you want to evaluate different EndPoint solutions (AntiVirus, EDRs or other agents).
It is the ideal complement to the EndPoint audit, since this test makes it possible to exhaustively evaluate the detection level of the perimeter systems against different types of threat.
In this case, the effort is concentrated on preparing sophisticated social engineering attacks to assess end users' degree of alertness and preparation against this type of attack technique.
The objective of these simulations is to evaluate the degree of compliance with the incident response procedures of the organization. To do this, a series of incident typologies are chosen and the response of the organization is studied.