Cyber Security Services

Our wide range/types of penetration tests services, security assessments combined with our risk mitigation consultancy services, ensure that the needs of you will be fully covered.

 

Vulnerability Assessment and Penetration Testing (VAPT)

Vulnerability Assessment and Penetration Testing (VAPT) provides enterprises with a more comprehensive application evaluation than any single test alone. Using the Vulnerability Assessment and Penetration Testing (VAPT) approach gives an organisation a more detailed view of the threats facing its applications, enabling the business to better protect its systems and data from malicious attacks.

Vulnerabilities can be found in applications from third-party vendors and internally made software, but most of these flaws are easily fixed once found. Using a VAPT provider enables IT security teams to focus on mitigating critical vulnerabilities, while the VAPT provider continues to discover and classify vulnerabilities.

Our Services:

  • Web application penetration test
  • Mobile application penetration test
  • Network penetration test
  • Compiled Application Penetration Test
  • Network Device Security and Configuration Assessment
  • Virtualisation Assessment
  • Remote Access Assessment
  • Database Assessment
  • Wireless Assessment
  • Social Engineering
  • Cloud security review
  • The vulnerability assessment


Compliance and Governance (GRC)

In today’s cyber security landscape, ensuring compliance and good governance is more important than ever.

Our experienced and fully qualified Risk Management and Governance team will assist you in reaching and maintaining compliance to standards and regulations such as: ISO 27001, PCI DSS, GDPR, SWIFT, NIST Cybersecurity Framework, CIS Controls, EBA Guidelines on ICT and security risk management to ensure that you are in line with best practice frameworks.

Results will be presented in a business focused report where the client’s current maturity level will be rated, followed by recommendations on how to reach the advised target maturity level. The report will also contain high-level findings, identification of threat actors, and likely attack scenarios.


We offer the following services:

  • CISO and information security team as a service
  • DPO (Data Protection Officer) as a service
  • Cyber Security Assessment
  • PCI DSS
  • SWIFT
  • Corporate Governance


Consulting and Managed technologies

Our consultant will provide a high-level consultancy to improve your cyber security maturity. The consultancy gives you a tangible view of where your strengths and weaknesses are, and prioritisation to address them. Additionally, you can quickly see your current and desired maturity rates – all in a format that is easily presentable to the board.

Our consultants have been instrumental in providing reasoned advice and support in delivery of technical solutions, policies and procedures, and cyber and information risk management strategies. All of these aim to reduce the risk of cyber-attacks that are faced by their business.

Our team's delivered consultancy services include global practice, and this is supported where required by the technical skillset provided by our Penetration Testing and Managed Technologies services which incorporates threat intelligence function.

With our security team, the client can get Managed Technologies Services for Network and End-Point Monitoring. By means of the Network Traffic Analyser, we define infected workstations inside the client network, even with encrypted traffic. AI technologies / Machine Learning, which constantly adapt to a client-specific network, will detect any small deviations from normal.

For example: an employee who becomes too active outside of his normal hours, or if a system administrator has gone rogue, etc. So, with an endpoint agent, we can see even more down to the core processes on a PC, and do machine learning on that too. Therefore, we can see if any of the key parameters are unusual compared to normal activity – both in terms of time of day or week, amount of data, type of device, type of software, recipient, etc. We do also capture ALL raw data, as well as encrypted data. It is then possible to decrypt, to do deep level forensics after a cyber incident if needed.

Our team integration with cloud service providers /partners is also welcomed.


Education – awareness training

We believe that a holistic and systematic approach to awareness training is the most effective solution. If the individual employee’s security awareness needs to be increased, it should be seen as a cultural change throughout the organisation. For this to succeed, a focused and systematic effort is required.

We offer awareness training on several levels ranging from an entire course based on your specific business goals and desires, as well as training that is specifically adapted to various employee groups within your company, to a single presentation where we meet with management or employees, and talk about the current threat landscape, based on your specific industry. We offer the following awareness solutions:

  • Cybersecurity awareness training
  • GDPR training
  • Training for Developers
  • PCI DSS Training

 

Solutionlab Partners with Rootshell Security

Rootshell Security, the company transforming cyber threat management, announced its partnership with Solutionlab, a leading software development and IT consultancy company.

The partnership modernizes Solutionlab’s cybersecurity solutions by offering Rootshell’s Prism Platform and industry-leading testing services to its enterprise clients.

Consolidating their threat assessments results in a single, vendor-agnostic platform, Solutionlab’s clients can now manage and measure their security posture from one centralized hub, streamline collaboration and remediation workflows, gain greater context of their vulnerabilities, and leverage the interconnected testing and assessment services that power the Prism ecosystem.

With the reliability that comes with being CREST certified, Rootshell’s RedForce testing team of ethical hackers can be deployed by Solutionlab to undertake penetration tests, application testing, and red team engagements, which test whether a client could be breached ‘by any means necessary’ (pre-approved by the client).

Solutionlab clients can also leverage the Rootshell Security Operations Centre (SOC) to deliver Managed Vulnerability Scanning (MVS), including the removal of false positives, and execute a range of phishing assessments, including bespoke spear-phishing and intelligence-led phishing assessments.