Advanced Persistent Threats (APTs) are complex hacking processes carried out by attackers, usually targeting a specific entity. The term "persistent" is used to emphasize that such an attack is often based on a Command & Control system that continually monitors and exfiltrates data from the targeted system. Today, the most commonly used detection techniques are based on signatures of known attacks and on the identification of behaviour anomalies (e.g., as done by Intrusion Detection Systems), but 0-day attacks and APTs are not accurately detected by existing techniques.
Our Pentesting service performs real attacks, realistic attack simulations and emulations on your infrastructure to identify existing vulnerabilities and obtain recommendations on how to improve your overall security. We rely on different tools to target diverse environments (mobile networks, enterprise networks, IoT environments, Cloud computing, etc.).
Artificial intelligence (AI) is an area of computer science which focuses on the creation of machines or computer programs that imitate the functions we usually associate with human minds. Among these functions, the most researched are "problem solving" and "learning".
In order to detect threats, the vast majority of security monitoring systems use a signature-based approach. The "signatures" of previously identified security threats are kept in databases. In a variety of situations, the signature-based scan can be effective, but it has limitations:
- It cannot detect new threats whose signatures are not yet in the database.
- It is completely ineffective against encrypted traffic.
Blockchain is an information storage and transmission technology without a central control body. Technically, it is a distributed database in which the information sent by users and the internal links of the database are checked and grouped into blocks at regular time intervals, the whole being secured by cryptography and thus forming a chain.
Cloud computing is the availability of computer system resources, especially data storage and computing power, on demand, without direct active management by the user. The term is generally used to describe data centers available to many users over the Internet. Large clouds, predominant today, often have functions distributed over multiple locations from central servers. Existing monitoring solutions to assess security and performance can still be used in virtualized environments, mainly for multi-cloud based applications. Nevertheless, existing solutions need to be adapted and correctly controlled, since they were meant mostly for physical rather than virtual systems and boundaries. The main drawback is that these solutions do not allow fine-grained analysis adapted to the needs of cloud and virtualized networks.
The term cyber range comes from an analogy with shooting ranges used for firearms testing and training. A cyber range is a virtual environment used for cyberwarfare training. Cyber ranges are also used for cybertechnology development, as they can be used as scale models for developing large-scale applications.
Deep packet inspection (DPI) is a way of processing data. The detailed inspection of the packets of data being sent over a computer network allows decisions to be made about the traffic. Blocking, re-routing, or logging the flow of data are just a few of the multiple uses of Deep Packet Inspection.
Like cloud computing, fog computing provides storage, applications, and data to end-users. The difference is that while cloud computing is concentrated in data centers, fog computing is closer to end-users and more widely distributed geographically. Also known as edge computing or fogging, fog computing facilitates the operation of compute, storage, and networking services between end devices and cloud computing data centers. Fog computing offers a medium-weight, intermediate level of computing power. Rather than a substitute, fog computing often serves as a complement to cloud computing.
Encrypted tunnels (via SSL/TLS, SSH, ...) are becoming more widespread and simpler to set up. They can be used by cyber attackers for data exfiltration, botnet command & control and many other purposes. The usual methods of detection (DPI, payload analysis) become ineffective when the data is encrypted before transmission.
High bandwidth network analysis is the process of recording, reviewing and analyzing network traffic for networks whose traffic exceeds 10 G/s. High bandwidth network analysis is used to convey information about performance, security and general network operations and management. Nowadays, with video streaming accounting for a growing share of total network communications, the utility of a tool capable of analyzing massive amounts of traffic in real time is undeniable.
Evasion techniques are techniques used by cyber-attackers to evade detection by security applications (e.g., Intrusion Detection Systems, Intrusion Prevention Systems, Firewalls, Malware scanners). They can be used for rendering the security applications ineffective or transmitting surreptitious information (e.g., for Command and Control of botnets).
The adoption of the cloud computing paradigm has opened new business possibilities thanks to the virtual availability of huge computing resources at a low cost. However, at the same time, many potential users are still reluctant to move their critical data and applications to commercial clouds, due to a substantial lack of trust in providers with regard to security.