Offensive and defensive security

Offensive security is a proactive and adversarial approach to protecting computer systems, networks and individuals from attacks.

 

In contrast, defensive security measures are focused on seeking out the perpetrators and in some cases attempting to disable or at least disrupt their operations. Defensive activity focuses on reactive measures, such as patching software and finding and fixing system vulnerabilities.

Offensive Security Services
ELC_PIKTO_SEARCH-PERSON.png

Penetration Testing

Our penetration testing services allow you to methodically identify threats to your organization and identify real world risks.

Our Approach

We base our approach on several well-known frameworks:

OWASP - Open Web Application Security Project For all types of application security, the Open Web Application Security Project (OWASP) is one of the most recognized frameworks. This methodology, developed by a community of security professionals, has helped many organizations to mitigate security risks in their web and mobile applications. Leveraging the approach described in OWASP’s web and mobile security testing guides allows us to efficiently and consistently identify common security issues that stem from insecure development practices.

 

PTES - Penetration Testing Execution Standard is a network penetration testing framework created by a community of seasoned security professionals, which comprehensively describes tools and tactics to scope and conduct network penetration tests. It includes conceptual guidelines such as preparation work, information gathering, and threat modeling, but also covers practical information on how to conduct reconnaissance, exploitation, and post exploitation activity. We leverage this framework to design effective security assessments and maximize on our ability to report on security gaps

 

 

Our Methodology

To deliver the engagement, we apply the following methodology based on several years of experience:

  • Kick-off meeting,

  • Information gathering,

  • Identification of the attack surface,

  • Manual & Automated tests,

  • Attempts to break in,

  • Perform lateral movements,

  • Report the findings,

  • Optional retest.

 

Our type of tests

We can perform engagements in 3 different modes :

  • Black box: no information communicated in advance about the targets in scope, except for the targets’ address or domain names,
  • Grey box: the client gives provides minimal information to begin the engagement. As the engagement progresses, they supply more information so that the team can cover more ground and not remain blocked on a specific point,
  • White box: the source code, full configuration information, architecture documents, etc. are made available to the security team.

The main difficulty is to find the right balance between allocated time and information availability. The objective to simulate the impact of a real attack at a fraction of the time and cost. This is why we recommend a grey / white box approach to improve the return on investment for the client.

Our Philosophy

The mindset of the team is to be fully transparent with the client by delivering a high-quality report composed of:

 

  • A high-level executive summary: where we translate the vulnerability from a technical context into a business context to help management understand the consequences of a successful attack,
  • A technical section: where vulnerabilities are prioritized by their potential impact,
  • All scripts, command, software: or other artifacts used to identify the vulnerability are described in the report, in case the client wants to replay the attack,
  • A high-level conclusion: in which we provide our opinion and recommendations about the security of the targets in scope.
Our Added Value

Regular penetration testing and red team exercises can vastly improve your security posture by providing you with a prioritized ‘To Do’ list of security issues to fix, but also improve your team’s reactivity to real-world attacks:

  • Practical exercises familiarize your team with the tactics, techniques and procedures of real-world attackers.
  • Regular testing helps you eliminate security gaps that arise as part of your infrastructure and processes’ growth.
  • Our approach not only takes business risk into account, but also cost of remediation. This allows you to focus on the assets that are most at-risk with the resources that are at your disposal.
Trust means Proximity

As trust and proximity are strongly linked together, our team can support you with a high availability all around Switzerland. We can also ensure management proximity, as ELCA Security is a real Swiss and independent actor.

Begin your cybersecurity journey

Cybersecurity is an investment on a long-term perspective to anticipate future potential cyber-attacks and limit their impacts on daily business.

For most companies, it is not justified to invest substantial amounts in this domain. This is why ELCASecurity proposes several discovery assessments to allow you to make a first step into the Cybers Provide a high-level overview of your Cybersecurity maturity and deliver strategic recommendations.

 

These types of engagements are focused on SMEs, as they are missing resources in this domain. We can cover several advisory domains:

  • Flash Risk assessment:Provide a high-level overview of your Cybersecurity maturity and deliver strategic recommendations.
  • Flash Compliance assessment:Verify compliance with nLPD, GDPR, ISO27K
  • Flash Data Protection:Check if data processed could be compliant with the current data protection laws applied in the country.
  • Flash Cyberdefense readiness:Determine if your Defense-in-depth strategy is setup correctly and can detect & block advanced Cyber-attacks.
  • Flash Discovery Pentest:Provide a high-level overview of your Cybersecurity maturity and deliver strategic recommendations.

 

ELC_PIKTO_GROUP Red.png

Red team

Red Team engagements are focused on objectives previously defined and validated by the client. This exercise is a simulated attack attempt to test how an organisation's security team responds to cyber threats. During the test, the team focuses on the pre-defined mission objectives, seeking to access sensitive information on multiple fronts and avoiding detection by the client.

 

As such, the process usually involves more people than a standard penetration test. By spending more time on the reconnaissance phase and with more resources, the results found by a Red Team can lead to a deeper understanding of the level of risk to the organisation.

ELC_PIKTO_GROUP.png

Blue team

A Blue Team exercise is an attack simulation that focuses primarily on the effectiveness of a defence team and its ability to detect, block and minimise cyberattacks. These exercises simulate threats that have the potential to cause significant losses to an organisation. During the exercise, a Red Team simulates attacks targeting the organisation's infrastructure to exploit vulnerabilities in systems and applications on the network.

 

The objective of the Blue Team is to respond to the attacks by launching appropriate countermeasures to isolate the infected assets and generally thwart the attack. At the end of the exercise, the Red Team will discuss their attack methods and actions so that the Blue Team can confirm their findings and then identify and correct the missed attacks.

ELC_PIKTO_GROUPurple.png

Purple team

Purple Teaming is an exercise where Red and Blue teams work closely together in a pre-defined exercise to improve their capabilities to prevent and detect cyber-attacks, through continuous feedback and knowledge transfer. The Red team exercise simulates multiple types of attack throughout the engagement, launching the attack and waiting for the Blue Team to detect and respond. It identifies any weaknesses or gaps in detection and response and provides insight on how the issue can be remediated.

 

The result is actionable improvement to your defensive capabilities against real-world threats. Purple team exercise provides an excellent return on investment by helping you maximize the value of existing defensive controls.

Defensive Security Services
ELC_PIKTO_INFO-PERSON.png

Computer Security Incident Response Team (CSIRT)

Computer Security Incident Response Team  - Our team of specialists can quickly & efficiently respond to security incidents, regaining control and minimizing damage and loss.

ELC_PIKTO_INFO-PERSON_1.png

With our strong experience, we can support you in managing internal communications, responding to media enquiries, handling any personnel issues in the case of insider action, etc.

ELC_PIKTO_USER_B.png

Crisis Communication

We can support you by putting in place an efficient communication structure that will minimize damages by communicating in a quick, honest and transparent manner.

Contact: Fabrice Guye
ELCA’s Privacy Notice.

By continuing to browse this site, you accept the use of cookies or similar technologies whose purpose is to produce statistics on visits to our site (tests and measurement of visitor numbers, visit frequency, page views and performance) and to offer you content and promotions which will be of interest to you.

Our cookie policy has been updated. Please feel free to manage your preferences.

OK, accept all Disable all Configure
close
save

Manage your cookie preferences

Update your cookie preferences

Find out about the type of cookies stored on your device, accept or block them for the entire site, all services or on a service-by-service basis.

OK, accept all

Disable all

Visitor flow

These cookies provide us with insight into traffic sources and allow us to better understand our visitors anonymously.

(Google Analytics and CrazyEgg)

New

Sharing tool

Social media cookies allow content sharing on your preferred networks.

(ShareThis)

New

Visitor understanding

These cookies are used to track visitors across websites.

The intention is to enable us to offer more relevant, targeted content to existing contacts (ClickDimensions) and display ads that are relevant and engaging for users (Facebook Pixels).

 

New
For more information about these cookies and our cookie policy, click here