While Nynox is new – founded in August 2016 –, we have an experienced team due to Nynox being founded under the Cronos Security Group from several specialized teams within IS4U. The IS4U pentest team has a history in offensive security while our defensive team provides knowledge in the field of operations. The combination of these two gives us a unique approach to security services.
Through our highly skilled ICT security experts Nynox offers security operations services such as penetration tests, vulnerability assessments and system hardening guides, as well as managed services including a 24/7 computer security incident response team (CSIRT) and a managed SIEM solution keeping a continuous close eye on your environment.
A Security operations center (SOC) is a centralized unit that gathers security intelligence and handles security incidents. The security intelligence is gathered through centralizing event logging from various devices or applications and to assemble flows from connections made on the network. Collecting the event and flow information from a centralized position allows for automated correlation and baseline establishment. The automated correlation is performed by a Security Information Event Management (SIEM) tool.
A SIEM gives the analyst the opportunity to take all the input gathered from the environment and test this information against a certain set of rules. These rules are created by the baseline of the network, making offenses versus these rules anomalies. Nynox has a 24/7 team on standby to respond to these anomalies and to perform incident forensics to investigate precisely what happened and to check for business impact. If there are traces of unwanted presence or unwanted behaviour, remediation steps will be suggested to solve the situation and to ensure that future reoccurring incidents are averted.
Vulnerability assessmentA vulnerability assessment is the process of identifying vulnerabilities on a network, and gives an overview of the flaws that exist on a system. It makes use of non-disruptive techniques. A vulnerability assessment answers the question "What are the present vulnerabilities, what is the impact and how do we fix them?" In other words, a global view of the security posture of a company is presented as the resulting deliverable. A vulnerability assessment does not go into detail in how a specific exploit could lead to a compromise of data. A vulnerability assessment can be done externally, or internally, depending on the scope.
Penetration testA penetration test is focused on gaining access to the environment through testing on different levels (physical security, social engineering, wireless security, network security, application security,…) and using that access to provide validation of the possible impact an attacker can have on a company. It can make use of disruptive techniques, using credentials, as long as it is within the limit of a predefined set of rules of engagement. A penetration test answers the question: "Can an attacker or intruder break-in, what can they attain and what are the consequences?". A penetration test is more focused on gaining privileges through weak chains in the company. Tests are done using both automated tools and manual testing, sometimes including R&D and custom exploit/payload writing.
Application securityDuring a web application security test, the application will be subjected to browser based attacks that concentrate on user actions in the web application. Testing will be done using both automated crawling and scanning tools as well as manual testing using the OWASP web application testing methodology. These tests include: information gathering (Recon), config & deploy management testing, identity management testing, authentication and session management testing , authorization testing, data validation testing, cryptographic analysis, business logic testing and client side testing.
Of course all these product offerings are configured and managed by our team of offensive and defensive security experts!
One of the greatest threats to information security could actually come from within your company or organization. Inside ‘attacks’ have been noted to be some of the most dangerous since these people are already quite familiar with the infrastructure. It is not always disgruntled workers and corporate spies who are a threat. Often, it is the non malicious, uninformed employee.
The focus will be on uninformed users who can do harm to your network by visiting websites infected with malware, responding to phishing e-mails, storing their login information in an unsecured location, or even giving out sensitive information over the phone when exposed to social engineering.
One of the best ways to make sure company employees will not make costly errors regarding information security is to institute company-wide security-awareness training initiatives that include, but are not limited to classroom style training sessions, security awareness website(s), helpful hints via e-mail, or even posters. These methods can help ensure employees have a solid understanding of company security policy, procedure and best practices.