Avanguard
  • Home
  • Offensive Security
    • Advanced Persistent Threats
      • Red Team Exercises
      Human Targets
      • Social Engineering
      • Open Source Reconnaissance
      Infra & Cloud Targets
      • Web Pentesting
      • Infrastructure Pentesting
      • Malware development Pentesting
      • Open Source Reconnaissance
      Mobile device Targets
      • Mobile Application Pentesting
      • Mobile Malware development Pentesting
      IoT & ICS Targets
      • Firmware hacking & reverse engineering
  • Active & Adaptive Defense
    • Defensive Services
      • Cyber Threat Intelligence
      • Perimetric Security
      Preventive Services
      • Governance Risk & Compliance
      • CISO as-a-Service
      • Data Protection
      • Secure Development & Code Review
      Detective Services
      • Security Operation Center
      • Deep Monitoring & Event Management
      • End User Behavior-based Analytics
  • Reactive Security
    • Remediation Services
      • CSIRT - First Responder
      Investiguation Services
      • Digital Incident Forensic
  • Our Prototypes
    • Incident Management
      • Incident Management Platform
      Early Warning System
      • Threat Forecast Center
      End-User & Infrastructure Monitoring
      • Avanguard Overwatch
      Operations
      • Security Operation Toolkit
      • Malware Forensics Platforms
  • Our Frameworks
    • Cyber Security Governance & Management
      • Avanguard CMF
      Cyber Threat Intelligence
      • Avanguard CTI Framework
      SIEM Business Cases
      • SIEM Business Cases Framework
  • Contact Us
  • Home
  • Services

Offensive Security Services

Advanced Peristent Threads

Red Team Exercises

Red Team Exercises are one of the platinum services offered by Avanguard. Those exercises are aimed at simulating a real targeted cyber attack by deploying its whole lifecycle, from reconnaissance to exfiltration of data. The objective of Red Team exercises is to attempt to compromise a company's Information systems, by any means possible, using any attack vector. Those exercises will help companies to have a holistic view of they cyber security resilience, as it assesses the prevention, detection and response security measures in place. Those tests will involve all types of intrusion testing activities, such as Social Engineering, tailor-made malware attacks, Web Application penetration testing, etc...


Human Targets

Social Engineering

Human are the weakest link. Most of modern cyber attacks, in particular Advanced Peristent Threats, imply targetting humans in order to compromise information systems. Human can become the shortest path to a compromise as their end points are located in the internal network of the Company. Methodologies such as embedding malware in e-mails, spear-phishing attacks can pass through a number of defense-in-depth mechanisms as targeting end user end-points directly.

Open-Source Reconnaissance / Intelligence

Open-Source Intelligence aims at discovering different sets of information concerning a target using pulic available information, such as information on the Internet. This activity is crucial in the process of cyber attacks in order for the attackers to identify weakest links of an organisation which could lead to its compromise.


Applications, Infrastructure, Network and Cloud Targets

Web Application Pentesting

Numerous security vulnerabilities can bring Web Applications at risk of compromise. Web Applications can often become the the initial infection vector and the entrance door to cyber criminals. Web Applications Intrusion testing is aimed at identifying vulnerabilities affecting the Applicative layer.

Infrastructure Pentesting

Infrastructure Pentesting are aimed at identifying vulnerabilities affecting the system layer of information systems.

Network Pentesting

Network Pentesting are aimed at identifying vulnerabilities affecting the network layer of information systems.


Mobile Targets

Mobile Application Pentesting

Mobile applications, on top of standard Web Application vulnerabilities, come with new attack vectors from cyber criminal, mostly because of the fact that the client side resides on the mobile phone, which can easily be accessed by a cyber criminal (loss, thefth)

Tailor-Made Mobile Malware Pentesting (M-APT)

Tailor-Made mobile malware pentesting is one of the platinum services offered by Avanguard. It involves the usage of home-made malware which will not be detected by security protections on the mobile phone, such as it would be the case in high-profile targeted attacks. Such tests will assess the effectiveness of layered defense, bu tyring to breach different layers of security mechanisms.

Offensive services

  • Advanced Peristent Threads
    • Red Team Exercises
  • Human Targets
    • Social Engineering
    • Open-Source Reconnaissance
  • Infrastructure & Cloud Targets
    • Web Pentesting
    • Infrastructure Pentesting
    • APT - Instratructure Malware
    • Open-Source Reconnaissance
  • Mobile Targets
    • Mobile Pentesting
    • APT - Mobile Malware

About Us

Avanguard is our digital security expertise company providing best-of-breed strategical, tactical and operational advantages to companies in managing digital security risk landscape... View More


Avanguard

© Copyright 2016. All Rights Reserved.