Home |About us | Services| Contact
   
   
  Latest News
     The Romanian Goverment decided on Wednesday, 18 November, the foundation of a national center which will have, among other attributions, the duty to prevent and combat cyber terrorism.  
       
     OUG no. 109/2009 for modification and completion Law no. 571/2003 regarding Fiscal Code published in Romania.s Official Monitor no. 689 13 October 2009 abrogate Law no. 260/2007 regarding recording the commercial operations through electronic resources. (electronic invoice).  
       
     ISACA has released The Risk IT Framework which will enable enterprises to understand and manage all significant IT risk types, building upon the existing risk related components within the current ISACA frameworks, i.e., COBIT and Val IT.  

What types of security assessment are we conducting?

  • Vulnerability assessment;
  • Penetration testing/Ethical Hacking;
  • Forensics.

Our vulnerability assessment methodology consists in identifying, quantifying and prioritizing vulnerabilities in the analyzed systems, applications or IT services. Any vulnerability assessment service follows these predefined stages in order to obtain the best and relevant snap-shot of the analyzed systems status: establishing the desired benefits with our client; pre-assessment or initial evaluation of client's infrastructure; in-depth assessment of the analyzed system, workstations, servers, devices and the overall network topology security; communication and client consulting activities during all stages of the assessment; follow-up activities and additional advisory services after the actual assessment.

A major objective of a penetration testing service is to identify how an existing security vulnerability could be exploited, trying to judge and act from a hacker perspective. The tests are performed in a controlled environment, using specialized tools and methods popular in hacker.s world. Due to the significant complexity of penetration tests and due to the high confidentiality nature of the data and system configurations, iSEC proposes a battery of tests performed by trained professionals, with highest ethical standards, all of them certified at international level.

The fraud term is usually associated to those employees that have an inappropriate behaviour, breaking internal rules and standards but also the law; the term also apply to those paid attackers that could obtain legitimate access into your network. This could look like movie scripts, but it actually happens in many organizations, with tremendous effects over their functioning, stability, shareholder confidence and public image. Our forensics services require a very good knowledge of human nature, of a hacker mind, but not only this; it requires also knowledge and specific practices of digital forensics, very similar to criminal forensics, in order also not to tamper evidence.