Red Team

We work on infrastructure, systems and web applications with the aim of finding vulnerabilities that could be exploited by an attacker. We also evaluate the exposed surface and analyze the assets that could be attacked. We evaluate and guide the mitigation and remediation actions of the detected vulnerabilities.

We run Offensive Cybersecurity services aimed at detecting vulnerabilities and exploiting them by simulating an external attack. The scopes considered allow to evaluate architectures, infrastructure, applications and processes.

We run attack simulation exercises that allow evaluating cybersecurity architectures, incident detection mechanisms and platforms, incident response processes and capabilities of professional teams that have responsibility over previous processes. Depending on the objectives, we coordinate with the areas involved by the organization. We provide feedback about the results obtained and our proposals for improvement at the level of infrastructure and processes.

We check infrastructure, base systems and applications for vulnerabilities that can be exploited by an attacker.
We work based on manual actions and automated tools that allow us to collect information and compare it against vulnerability databases.
The information can be integrated into a managed vulnerability service and/or patched by our Blue Team.

We work on the physical and logical components of ATMs with the aim of finding vulnerabilities that could be exploited by an attacker. We perform a physical exposure analysis that can lead to actions of theft, breakage and intervention: video cameras, peripherals, sensors, physical location, among others. We complement with analysis of the logical layer, operating systems, applications, management software, access control, auditing, among others.

We analyze and evaluate the integration between facial biometrics applications and solutions in order to detect vulnerabilities that may lead to fraud. We review of digital onboarding applications and validate transactions that use facial biometrics as an identity verification solution.

We perform required vulnerability scans within the PCI regulatory framework. Platform access for unlimited scans