Faites des économies avec des tarifs à la carte selon vos besoins
ASSESSMENT OF VULNERABILITIES
CYBERESIST®
OUR AUTOMATED AUDIT SERVICES
External Attack Surface Audit
Price based on the number of subdomains*
Tests without agent installation, probes, or event log collection to minimise impact.
Complete scan of the web surface.
- Pre-Scan
- Determining of the attack surface
- Search for data leaks (including compromised user accounts)
- OSINT (open source intelligence)
- Software mapping
- In-depth analysis of the domain and subdomains
- Data on the company and its employees
- OWASP Top 10: testing the 10 main risks associated with web applications
- Faulty access controls
- Vulnerable and obsolete components
- Non-secure design
- Lack of data and software integrity
- Poor identification and authentication
- Data injection tests
- Intelligent password attacks (Bruteforce)
- Automated report (comprehensive list of vulnerabilities with severity analysis)
- Recommendation of solutions and action plan
* A subdomain is the part before the first dot in the URL structure. It functions as an extension of a primary domain to create an organised directory for the different sections of your website (e.g. https://subdomain.site.com).
Internal audit
price based on the number of Active Directory accounts
Prerequisite: an on-site network connection.
- Importing internal pentest tools
- Internal network scan
- Software mapping
- Audit of server and workstation configuration
- Active Directory configuration audit
- Testing user passwords and equipment
- Permissions testing (GPO, delegation, object)
- Comprehensive vulnerability testing: network partitioning – Wi-Fi testing – printer testing – backup testing
- Attack path audit
- Attack scenarios: account compromise, lateral movement
- Automated report (list of vulnerabilities with severity analysis)
- Recommendations for solutions and action plan
Active Directory
& PKI infrastructure
tarif selon le nombre de postes de travail, d'inter-trusts et d'objets
Prerequisite: execution of a tool on a workstation connected to the network.
In-depth audit of Active Directory and PKI infrastructure (ADCS).
Detection of technical vulnerabilities that can be exploited by attackers and poor administrative practices, to provide a clear picture of the level of risk.
- Identification of poorly protected privileged accounts: Kerberoasting, risky delegations, admin accounts outside Protected Users.
- Password management audit: rotation, RC4, passwords exposed in SYSVOL and network shares.
- Mapping attack paths: via ACLs, trusts, and vulnerable PKI templates (ESC1–ESC11).
- Assessment of operational resilience: backups, recycle bin, monitoring, obsolete machines.
- Workstation audit: checking for passwords stored in the browser, the presence of a password manager, etc.
- Automated report (list of vulnerabilities with severity analysis)
- Recommendation of solutions and action plan
Azure & Microsoft 365
tarif selon le nombre de postes de travail utilisateurs et d'invités B2B
Prerequisite: execution of a tool on a workstation with an Azure tenant administrator account.
Our Azure Security Posture module provides a turnkey audit of the cloud environment (Azure AD / M365).
It automatically identifies configuration flaws and offers concrete recommendations, classified into six points, enabling you to deliver an Azure audit in a matter of hours, with the depth of a senior consultant but the speed of an automated scan.
- Identification of poorly protected privileged accounts: Kerberoasting, risky delegations, admin accounts outside of Protected Users.
- Access security: MFA, privileged accounts, legacy authentication, break-glass.
- Privileges & identities: admin roles, PIM, apps without owners, main services at risk.
- Security posture: Secure Score, EDR/AV, Intune, logs & retention.
- Analytics & detection: risky sign-ins, suspicious activity, unusual connections.
- Automated report (list of vulnerabilities with severity analysis)
- Recommendations for solutions and action plan
DETECTION AND MONITORING OF COMPROMISED ACCESS
CYBERCREDS®
OUR SOLUTIONS FOR MONITORING COMPROMISED ACCESS
Domain Intelligence
Subscription rates depending on the scope*
CYBERCREDS analyses all the logs for your domain and produces a comprehensive risk map: compromised identities, exposed services, uncovered internal infrastructure, password reuse and top URLs.
List of services
- Summary of key performance indicators.
- User compromission graph.
- List of compromised identities.
- Exclusive access.
- Reuse of passwords.
- Password strength.
- Services exposure.
- Infrastructure discovered.
- Stack SaaS (Shadow-IT).
- Top targeted URLs.
- A report that can be exported as an HTML file, ready to be sent to your SOC or CISO.
Investigation
Fixed-rate pricing depending on the scope *
Search the database in real time for a domain or an email address. Immediate response, SOC alert classification, direct access to the machine profile.
Each row is clickable to view the full machine profile: date of compromise, country, CRITICAL/HIGH risk analysis, and reuse clusters.
Search by domain:
- Checking your overall exposure
- List of compromised accounts
- Preparation of a remediation plan
Search by email:
- Audit of a high-risk account (CISO, admin, C-level)
- Qualification d'une alerte SOC existante
- Post-incident review
- Onboarding a sensitive employee
PARTNERS
Are you an MSP, IT manager or integrator who needs regular security checks on your information systems and those of your customers?
Manage projects directly with your sales and technical teams, thanks to your dedicated instance.
Your customers benefit from comprehensive cybersecurity services
Strengthen your position as a trusted IT security partner and generate new revenue in a proactive manner.
Special pricing for MSPs and MSSPs
(infogéreur et Security Services Provider)
You benefit from the following services:
- Your dedicated dashboard
- Customisation of the environment to your brand identity
- Direct management of your grey- or white-label customer accounts
- Customisation of tools and tests
- Integration with other tools you already use
CYBERESIST automatically calculates project quotes based on the scope of the audit.
You use and top up your credits à la carte according to the type of diagnostics used (passive/active/offensive) and the associated services,
We can help you provide technical support for your teams and update the platform on your dedicated instance.
