Cybersecurity Services
1. Evaluation & Planning Services
üBusiness System Penetration Testing
With user authorisation and supervision, simulate hacker attack techniques to perform non-destructive security testing on target systems, identify and exploit vulnerabilities, and provide detailed remediation recommendations.
üecurity Risk Assessment Services
Use scientific methods to identify network and information system assets, analyse threats and vulnerabilities, assess existing risks and their severity, and propose targeted protection recommendations and planning.
üSource Code Audit Services
Identify vulnerabilities, security flaws, and code defects in source code, analyse associated risks, and provide remediation advice to ensure code-level security.
2. Operational Assurance Services
üRed Team vs Blue Team Exercises
Non-destructive attack-defence exercises on designated business systems, where the red team simulates attackers and the blue team defends, aiming to improve system security.
üMajor Event Security Support
Provide end-to-end cybersecurity support during major events (e.g., HW operations) or public holidays to ensure stable system operation.
üCybersecurity Monitoring
Use specialised platforms to conduct 24/7 monitoring of designated websites, issue alerts on anomalies, and generate daily, weekly, and monthly reports as needed.
üSecurity Inspection Services
Regularly scan for vulnerabilities, check baseline configurations and audit logs, and provide reports with risks and remediation suggestions.
üEmergency Incident Response
Provide immediate analysis, containment, restoration, and tracing during cyberattacks, and issue incident response reports afterwards.
üThreat Intelligence Services
Deliver monthly cybersecurity reports with vulnerabilities, alerts, and recommendations; provide special reports during major incidents.
3. Security Training Services
üOffensive & Defensive Security Training
Targeted at technical staff such as DevOps and developers, covering secure configurations, secure development, attack techniques, and defence measures.
üSecurity Awareness Training
Targeted at non-technical personnel, explaining threats in daily work using real cases, covering security management, laws, ransomware, social engineering and more.