Due to the increasingly connected world that we live in, cyber security threats are now one of the major risks faced by your business. Our Cyber Security Services will provide you with an umbrella solution, working from the ground up, identifying your risk and threat landscape by combining both the physical and cyber aspects of your business.
What we do
In order to prevent any cyber security breaches, Equilibrium Risk Limited will:
- Consult, audit and define risks
- Provide a mitigation strategy to manage those risks
- Employ our robust technology solutions to monitor, combat and reduce damage limitation to your business assets and to your people
What we offer
- Security consulting – we will arrange for your business to have a dedicated resource to work alongside you, which will provide advice, input and help you to move forward with your business security requirements.
- Security architecture – we will review and/or design your network and infrastructure architecture to help you to embed security principles and/or define security target operating models.
- Security strategy – we will help your business define a security vision, design a security transformation programme and plan security improvement work streams
- Risk assessments – because security is all about reducing risk, we will help you to assess the risks (across your application stack, web infrastructure, networks, security services, data centres and infrastructure), to help you to plan and prioritise your risk treatment actions, using our own developed risk assessment tools (aligned to ISO and SANS industry standards)
- Information security policies – the starting point for most organisations are comprehensive and effective security policies. We will assist you with creating, amending or updating your policies
- Technology solutions – we will provide you with robust security solutions, protecting your most critical services and environments.
CYBER SECURITY AUDITS AND SURVEYS
Our cyber security assessments are based on our “attacker oriented” approach, unlike most methodologies, our approach inhabits both the common best practices in the market and our unique military and intelligence offensive experience. Creating the ultimate team of experts guided by a defence methodology that was created through years of practical attack and defence experience for critical infrastructure.
- This unique approach enables our team of experts to provide an in-depth survey of your defensive capabilities and cyber security readiness against any and all cyber related threats.
Equilibrium Risk can provide high grade penetration testing. Equilibrium Risk’s penetration testing doesn’t simply stop at uncovering vulnerabilities, it goes the next step and actively exploits those vulnerabilities. Equilibrium Risk’s penetration testing answers the question: "What is the real world effectiveness of existing security controls against a skilled attacker?" Even a 100% compliant organisation may still be vulnerable in the real world to an active, skilled human attacker.
- Automated searches of open ports and known vulnerabilities within systems and protocols that have external references.
- Manual process for identifying additional vulnerabilities.
- Examining of remote access capabilities (VPN, Terminal, etc.).
- Identifying external access to exposed assets.
- Input Validation in order to prevent SQL injection, cross site scripting, local file inclusion and other, more common attacks.
- Identification details on client side, bypass through change password mechanisms, password retrieval and more.
- Permissions – examine the permissions process through all application interfaces, problems such as: Forced browsing Information disclosure, directory listing, and path traversal.
Tests on the infrastructure level include: a mapping of the segment, identifying weak links in the infrastructure chain, misconfiguration and out of date systems which could allow an unauthenticated attacker to gain privileges inside the segment.
This test examines a wide array of components inside the network mostly untested and less secure (Printers, Switches, Storage systems, DVR systems) and common systems (web applications, mail, file systems and monitoring servers).
Tests on the application layer include: a specific test win32 and WEB including the use of automatic tools and manual analysis of the application’s logic, high risk functions and overall security in both application level and deployment level.
Performed in a number of ways ranging from having no information regarding the application (black box) and up to having the application source code (white box).
Equilibrium Risk is excited to be able to provide a comprehensive, cloud based protective shield for your web assets. Working with our strategic partners Reblaze, we can provide a next-generation web security platform that intercepts and defeats web attacks before they reach your data center. Along with our partners, we believe that your online presence should be "Secure by Default".
We believe that web security should be effortless, that’s why our expert team constantly monitors the web and the dark web for threats. The security team deploys countermeasures immediately (usually within hours) of initial discovery. You get ‘effortless web security’, always up to date, with no action required on your part.
It really is the complete security package for your website. Below are some of the key features.
- Multi Layer DoS and DDos Protection
- Intrusion Prevention System (IPS) & Web Application Firewall (WAF)
- High Level Access Control List
- Bot Mitigation and Human Detection
- Virtual Private Cloud (VPC)
- Complete DNS Solution
Reblaze’s Clouds are certified by
TRAINING AND QUALIFICATIONS
Equilibrium Risk provides a vast selection of Cyber training courses, seminars and workshops for private and public companies at all management and technological levels. All of our training packages are custom made for our client’s specific requirements.
Equilibrium Risk has hands-on experience in fully establishing operational cyber units for various state and private level organizations, from architecture and design of technologies and operational systems through procurement of tools, software, infrastructure and applications, up to training and qualification of professional manpower and command.
- Equilibrium Risk’s proven track record in building and training cyber units and cyber teams, provide us with a unique experience of end to end training of various levels of man power and a vast experience in maintaining an ongoing qualification process for cyber related skills and abilities.