Legal data

  1. 40203240423
  2. LV40203240423
  3. 11.02.2020
  4. 11.02.2020
  5. Dzirnavu iela 140, Rīga, LV-1050


risk and management consulting, risk advice, financial fraud investigation,
management consultations, cyber security and IT consulting. IT security audit and IT security tests, Penetration test,
DDoS or Denial of service attack. IT security audit.
Information systems security audits and consultations. ISO 27001 compliance,
Audits of state information systems in accordance with the Cabinet of Ministers regulations no.
442. "Procedures, for Ensuring Compliance of Information and Communication Technology Systems with Minimum Security Requirements",
external security audits and inspections, ( electronic time and attendance systems) according to 2020. year 7. january Cabinet of Ministers Regulations No.. 21. Audits according to the FCMC, ( The Financial and Capital Market Commission) requirements. Consulting information security policy,
rules and risk management plan. Information systems security testing and intrusion testing. 98 / 5000
Tulkošanas rezultāti
Security tests for mobile applications for iOS and Android environments according to the OWASP Mobile Security Testing Guide, ( MSTG) and Mobile Application Security Verification Standard, ( MASVS) . Website and application security and intrusion testing according to the OWASP Testing Guide and Application Security Verification Standard, ( USA) including the search for and identification of such potential problems, ( cross-site scripting, ( Cross-site scripting) information leakage, ( Information leakage) counterfeiting of content, ( Content spoofing) predicted resource locations, ( Predictable resource location) SQL injection, ( SQL injection) insufficient authentication, ( Insufficient authentication)
insufficient authorization, ( Insufficient authorization) abuse of functionality, ( Abuse of functionality) . Security tests of smart devices and Internet of Things devices. Social engineering and Red-team tests.
Infrastructure security tests, Email server intrusion tests.
External network intrusion identification. Wireless network intrusion test.
Intranet intrusion test. Equipment accounting and control,
software accounting and control, continuous vulnerability management,
controlled use of privileged access, secure equipment and software,
monitoring of audit log entries, analysis and storage, email and browser protection, malware protection, network and service control,
data recovery option, secure network equipment configuration,
network perimeter and zone control, data protection, access control,
wireless network control, monitoring and control of accounts, implementation of a security training program, application security, incident management.
Cyber security services, solution, Intrusion tests, ( penetration tests)
- security testing process, simulating an attempted intrusion into an enterprise information system or specific resource to identify software bugs. Such a test can help detect and prevent security vulnerabilities in a timely manner.
Cyber risk assessment and security checks - identification of risks and vulnerabilities related to the digital environment; risk assessment,
prioritizing risks, comparing them with the cost of protection.
The service includes ratings, security testing, identification of deficiencies and reports to the company's management team, to drive effective security investments. Cyber security strategies,
policy and program development - development of a comprehensive security program,
commensurate with the company's existing risk management system,
and assistance in its implementation. A typical security program includes a strategy,
responsible persons and their responsibilities, governance principles,
policies and procedures, staff training, as well as internal,
and external communication. Information management and data confidentiality - Assistance in complying with changing data protection rules in line with current company practice.
Implementation of technologies and procedures in accordance with the data protection requirements applicable to the company, attracting BDO resources and experience from more than 160 countries. Incident response - Development and testing of comprehensive incident response plans, to reduce the impact of incidents, as well as the identification of the causes of incidents and assistance in rectifying deficiencies. Related business processes are considered in the development of plans, roles and responsibilities of employees. Social engineering attacks - assessment of the level of maturity of security controls and employee awareness, performing social engineering attacks, ( for example, phishing, targeted phishing, malware) .
Threat Intelligence - Informing and training the company's management team about company-specific cyber security threats and trends, cyber security threat identification. IT security - practical guidelines, policy, development of methodologies. Staff training and system vulnerability testing. Cisco vulnerability,
SQL vulnerability, Fuzzing - technology, program testing technology,
Network scanner, Unix vulnerability, Android vulnerability.