Cybersecurity
Our services
About the service
Before we begin any testing, the first step is to define the scope and objectives together – every organisation has a unique risk profile, assets, and priorities. We work with web applications, network infrastructure, cloud environments, embedded/IoT systems, and AI components.
Once we have a thorough understanding of your environment, we design test scenarios that genuinely reflect your real threats.
What is a security reconnaissance?
We take a comprehensive approach covering infrastructure configuration, web application security, access policies in Active Directory and Microsoft 365, and resilience against social engineering attacks.
Our activities include:
- Network infrastructure security testing
- Web application security testing
- AI/LLM system security testing
- Workstation security analysis
- Active Directory and Microsoft 365 security testing
We work together, not alongside
Security reconnaissance is for us a starting point for conversation, not a one-off engagement. Our team remains available throughout the entire project, providing advice and support during the implementation of recommendations.
Our packages
CYBER Package: Security Foundation
A rapid review for companies with brochure websites, WordPress sites, or simple landing pages – for those who care about their image and basic digital hygiene.
Scope
- Web security – verification of SSL/TLS and HTTP security headers (HSTS, CSP, X-Frame-Options).
- Email and DNS hygiene – configuration of SPF, DKIM, and DMARC records protecting against spoofing and phishing.
- WordPress / Landing Page – audit of plugin versions and default passwords, and securing wp-admin and hidden configuration files.
- Basic form testing – protection against spam and simple code injection in contact forms and search boxes.
Implementation support: after delivering the report, our team helps you roll out the fixes quickly – you are not left alone with a list of problems.
CYBER PLUS Package: Deep Resilience
Comprehensive penetration testing for companies with their own applications and server infrastructure – for Software Houses, e-commerce, and companies with their own customer panels and VM/Docker environments.
Scope
- Advanced application testing (OWASP Top 10) – manual testing of business logic, IDOR, privilege escalation, and Authentication Bypass, plus full analysis of SQL/NoSQL Injection and XSS.
- Server infrastructure – port and service scanning (TCP/UDP), operating system fingerprinting, and identification of CVE vulnerabilities for Nginx, Redis, databases, and Docker containers.
- Office and edge infrastructure – identification of externally exposed services (VPN, admin panels), network topology analysis (CIDR), and detection of hidden assets.
- OSINT reconnaissance – subdomains, public S3/Azure Blob buckets, and data leaks on the Dark Web.
- AI consulting – analysis of the use and security of AI solutions within the organisation.
Implementation support: direct consultations with the client's IT team, joint roll-out of fixes, and full follow-up with re-tests included in the price.
CYBER PRO Package: High Protection
A subscription model providing continuous oversight and protection – for companies with high security priorities that require constant monitoring.
Scope
- Continuity of operations – monthly vulnerability scanning and quarterly mini-pentests of new application features.
- Identity and cloud management – audit and consulting on Microsoft 365 and Entra ID (Azure AD) configuration, verification of MFA policies and user permissions.
- Internal infrastructure – recurring testing of LAN segmentation, configuration, and vulnerabilities – delivered as part of the subscription.
Implementation support: ongoing contact with a dedicated specialist, priority incident handling, and regular monthly reports.