Technical Services

Penetration tests are a great way to measure the security level of the information system and to identify vulnerabilities through internal or external penetration attempts. It helps organizations simulate the presence of a hacker by carrying out attacks targeting the three security pillars: Cyber, Physical and Human.

Types of penetration testing exercises:

  1. External Vulnerability Assessments and Penetration Testing
  2. Internal Vulnerability Assessments and Penetration Testing
  3. Web Applications Penetration Testing
  4. Mobile Applications Penetration Testing
  5. Wireless penetration testing

To assess and measure the security level of selected databases within the infrastructure aiming to help organizations protect the databases from internal and external attacks on two levels: Data and System Security.

It helps organizations put in place the strategy to enable user identity assurance and secure access to the assets by providing an omni-channel experience for all the users and systems.

This service helps organizations investigate digital crimes in order to identify the nature, the time, the means, and the involved parties in the incident.

This type of assessment aims to assess and improve the security layers of applications and the interactions between the APIs.

The objective is to apply an in-depth defense approach through the implementation of several security layers to protect the environment against potential threats. The assessment covers all areas, from network equipment, mail filter, network communications, LAN topology, remote connectivity to log management and event correlation, network management, etc.

It helps organizations implement Mobile Device Management solutions and assess the readiness of the IoT strategy and security architecture.

The objective of this exercise is to review and analyze the source code of the application and test it manually and automatically against common best practices frameworks such as PCI-DSS, OWASP, etc.

Advisory Services

It helps organizations assess and implement the full Business Continuity Management Program, ranging from the Asset and Processes Identification, executing the BIA, to the Business Continuity Pan.

The objective of this assessment is to help organizations assess, implement and enforce an ISMS strategy and controls and build a roadmap based on common international standards such as ISO 27001.

This will help organizations build and operate an IT Service Management environment through the development of policies, processes, procedures, KPIs and KRIs based on standards such as ITIL.

This service aims to provide guidance and coaching for internal IT audit teams in order to develop and audit the current as-is state of the IT environment.

It will help organizations manage cyber risk through tailored security risk assessment and cyber-controls frameworks that align the organizations’ risk appetite with the current risks.

The objective is to help organizations developing their cyber vigilance capability by advising, implementing and operating a managed SOC, on-premises or on the cloud, with use cases that fits each business, logs fine-tuning and a proved threat intelligence and exchange capability.

This service aims to help organizations assess their privacy maturity situation and design a risk-based action plan and roadmap to better navigate the privacy risk.

It helps organizations draft and evaluate RFPs, build their business cases, and assist in the vendor selection and benchmarking.

This service will help organizations by developing high-level and specialized and advanced training that covers the different areas of our services. In addition to that, Potech Consulting can help defining awareness strategies and campaigns in order to embed a cyber security culture in organizations.