Discover our publications and educational resources

FAQ

01

How can you assess the security of my website?

We use a variety of techniques, such as vulnerability scanning, manual testing and code review, to identify security weaknesses and vulnerabilities in your website or web application.

80% of diagnostics revealed a vulnerability enabling the user to take control of at least one server or access confidential data (including personal or health data).

02

What is a sub-domain?

A subdomain is subordinate to a domain and dependent on it. The subdomains The sub-domains can be used, for example, to structure websites Websites in a relevant way, e.g.: subdomain.domain-name.com

03

Why is safety important?

Security is essential to protect your website, user data and online reputation. It helps prevent unauthorised access, data breaches, malware infections and other cyber threats that can disrupt your business and harm your customers.

# 80% of the organisations audited had sensitive data referenced in search engines and 70% of organisations had no protection mechanism in place.

04

Can you help me comply with the safety standards specific to my activity?

Yes, with our Cybersecurity Audit, we can help you comply with the security standards and regulations specific to your sector, such as the European cybersecurity directives the European cybersecurity directivese cybersécurité NIS (Network and Information Security), DORA (Digital Operational Resilience Act) or GDPR (General Data Protection Regulation).

05

What is Active Directory and why is its security so important?

Active Directory (commonly known as “AD”) is a directory service that lists and centralises information about a company’s network. This information is grouped into 3 categories: users, resources (computers, printers, servers, folders, etc.) and groups.

It is a central component of the IT infrastructure containing precious information which, in the wrong hands, could have terrible consequences for the company.

Compromising the Active Directory can give access to all network resources as well as rights and privileges. This information can enable a cybercriminal to bypass security measures and escape detection. They would then obtain a master key that would open the doors to the rest of the network.

# 50% of organisations had never carried out a security audit.

06

Why are continuous monitoring and surveillance so important?

New vulnerabilities appear every day, as do accounts belonging to your organisation. Attacks are happening faster and faster, so it’s important to be able to detect them in near real time.

07

What services do you offer as a cyber security specialist?

We offer a range of web security services, including website vulnerability assessments, penetration testing, security audits, incident analysis (and security advice). We also audit your internal network, Active Directory and email system.

# 40% of the audits uncovered abandoned or uninventoried servers.

THE BOOK

Demystifying attacks / Gaining a better understanding of attackers' techniques

What techniques and tools do attackers use to take control of a server or network?

What are the most common attack vectors?

How can you identify potential weaknesses?

How can you protect your network, your website and your internal data?

What best practices can be promoted internally to secure passwords and protect email?

What should you do in the event of a cyber-attack?

This highly operational guide gives you all the answers you need to protect your network as effectively as possible, based on case studies.

Readers' opinions*

Mr. Alexandre Salzmann, 11/03/2022

“Educational, practical and pragmatic”.

In this book, I found both lessons and practical work.
All the subjects covered are illustrated by feedback from real-life professional experiences.
This really is applied IT security, and above all it’s applicable.
Applicable with recent technologies: I discovered a whole world of tools that are accessible and not necessarily expensive.


The methodology presented allows safety to be integrated as an aid to projects and not as a constraint.


This book is aimed at professionals, students and geeks who are interested in finding out what it’s like in real life.

5/5

Josselin G, on 21/12/2021

‘A must-read for SysAdmin but not only!’

In the spirit of “knowing and understanding the enemy to better fight it”, here’s a superb overview of hacking techniques… to better protect yourself!

5/5

Guillaume C., on 10/11/2021

“Clear, informative and to the point”.

The book is perfect for both beginners and experts. With its precise examples and general knowledge, it is a mine of information on a subject that concerns everyone today: the security of our personal and professional data.

By understanding hacking methods a little more deeply, you will become aware of common flaws and pitfalls to avoid.

I highly recommend it.

5/5

* Sample reviews from the Amazon website

OUR TRAINING

Our consultants provide training to support your technical teams as they develop their skills.

5 DAYS

Profiles concerned:

  • System or network administrators,
  • Architects, Developers,
  • Staff who are beginners or who want to acquire a good technical grounding in SSI.

Learning objectives:

  • Be able to work in all the technical areas of security (systems, networks, applications, cryptography, etc.).
  • Master the vocabulary and main concepts
  • Learn different attack techniques.
  • Choosing and applying the right safety measures.

3 DAYS

Profiles concerned:

  • Architects,
  • System administrators or security engineers

Learning objectives:

  • Describe the internal mechanisms of Active Directory
  • Identify security features
  • Designing a robust architecture
  • Identify attacks and main exploits in an existing system
  • Implementing countermeasures

1 DAY

Profiles concerned:

  • Information Systems Director or Manager, Information Systems Security Manager,
  • Crisis management manager, On-call duty manager, Incident management manager.

Learning objectives:

  • Learn how to set up an appropriate organisation to respond effectively to crisis situations
  • Learn how to communicate coherently in times of crisis
  • Learn to avoid the pitfalls of crisis situations
  • Testing your SSI crisis management

5 DAYS

Profiles concerned:

People who want to learn how to carry out digital investigations, or who want to get started in computer forensics, Windows system administrators, IT forensic experts.

Learning objectives:

  • Managing a digital investigation on a Windows computer
  • The basics of numerical analysis on a Web server
  • Acquire media containing information
  • Sort and analyse relevant information
  • Use digital investigation software
  • Mastering the incident response process

5 DAYS

Profiles concerned:

Pentesters, IS consultants, CISOs, Network architects

Learning objectives:

  • Preparing a successful intrusion test
  • Mastering all the phases of an intrusion test (from discovery to post-exploitation)
  • Discover the target network quickly and easily
  • Exploiting identified vulnerabilities in complete security
  • Elevating privileges to plunder critical resources
  • Bouncing back on the compromised network
  • Understand the vulnerabilities exposed by external and internal networks
  • Using the pentester toolkit effectively.

4 DAYS

Profiles concerned:

Open source investigators, journalists, business intelligence managers or anyone wishing to improve their skills in open source investigation.

Learning objectives:

  • Conducting an open-source investigation independently
  • Collect, sort and analyse open source data
  • Using OSINT investigation tools

CYBER SECURITY AWARENESS TRAINING

1 DAY

Aimed at senior executives, BU directors, ddigital transformation directors, legal departments, project managers, HRM and marketing departments.

Understanding the types of risk linked to Information System security

Identify protection measures to secure substations

Initiate a security policy for the company's IS information system

OUR TECHNICAL TRAINING COURSES

5 DAYS

Profiles concerned:

  • System or network administrators
  • Architects, Developers
  • Staff who are beginners or who wish to acquire a good technical grounding in SSI

Learning objectives:

  • Be able to work in all the technical areas of security (systems, networks, applications, cryptography, etc.).
  • Master the vocabulary and main concepts
  • Learn different attack techniques.
  • Choosing and applying the right safety measures.

3 DAYS

Profiles concerned:

  • Architects
  • System administrators or security engineers

Learning objectives:

  • Describe the internal mechanisms of Active Directory
  • Identify security features
  • Designing a robust architecture
  • Identify attacks and main exploits in an existing system
  • Implementing countermeasures

1 DAY

Profiles concerned:

  • Director or Head of Information Systems,
  • Information Systems Security Manager,
  • Crisis management manager, On-call duty manager, Incident management manager.

Learning objectives:

  • Learn how to set up an appropriate organisation to respond effectively to crisis situations
  • Learn how to communicate coherently in times of crisis
  • Learn to avoid the pitfalls of crisis situations
  • Testing your SSI crisis management

4 DAYS

Profiles concerned:

Open source investigators, journalists, business intelligence managers or anyone wishing to improve their skills in open source investigation.

Learning objectives:

  • nducting an open-source investigation independently
  • Collect, sort and analyse open source data
  • Using OSINT investigation tools

5 DAYS

Profiles concerned:

Pentesters, IS consultants, CISOs, Network architects

Learning objectives:

  • Preparing a successful intrusion test
  • Mastering all the phases of an intrusion test (from discovery to post-exploitation)
  • Discover the target network quickly and easily
  • Exploiting identified vulnerabilities in complete security
  • Elevating privileges to plunder critical resources
  • Bouncing back on the compromised network
  • Understand the vulnerabilities exposed by external and internal networks
  • Using the pentester toolkit effectively.

5 DAYS

Profiles concerned:

People who want to learn how to carry out digital investigations, or who want to get started in computer forensics, Windows system administrators, IT forensic experts.

Learning objectives:

  • Managing a digital investigation on a Windows computer
  • The basics of numerical analysis on a Web server
  • Acquire media containing information
  • Sort and analyse relevant information
  • Use digital investigation software
  • Mastering the incident response process

BLOG

READY TO TAKE ACTION?

CATALOGUE DE FORMATIONS

DEMANDE DE CONTACT

DEMANDE DE DEMO

INSCRIPTION À LA NEWSLETTER

DEMO REQUEST

COURSES CATALOGUE

CONTACT REQUEST

SUBSCRIBE TO OUR NEWSLETTER