The pioneer of digital asset protection
Excelencia Tech is a team of passionate professionals who constantly strive to provide better cybersecurity solutions. This mission qualifies us to be your ideal partner in cybersecurity. Our research and efforts have enabled us to be equipped ideal tools to manage the ever-changing cybersecurity landscape. We are more than capable of designing, auditing and implementing the best cybersecurity for you.
Our Promise
Ensure business security and adaptive protection to enhance your data privacy and edge availability.
- Bringing leadership in information security to companies of all sizes
- You find the balance between information security and compliance
- Be your trusted risk management program advisor
- Provide consultancy on cost-effective technology to reduce enterprise-wide risk
- Provide expert consulting services to support IT teams
Assessment of internal vulnerabilities
Scan your entire internal network environment for vulnerabilities within your organization, identifying domain controllers, exit gateway devices, internal routers, and server networks.
- Discovering subnets and hosts
- Router enumeration
- Dial-up Access Server / Remote Access Server (RAS)
- DNS census
- Firewall / IPS scans
- PKI infrastructure assessment
- Census of VPN servers
- Census of Microsoft architectures
- Inventory of virtualization platforms
- Census of email services
- Census of FTP servers
- Census of a server of files
- Database Services Census
- Census of storage servers
- Inventory of a management system
- Inventory of antivirus / antispam solutions
- Assessment of functionality and misconfiguration of services
- Detection of services protected by a password
- Manual check for known vulnerabilities on services
Web application penetration test
The objective of web application vulnerability assessment and penetration testing is to identify, classify, and report vulnerabilities with the goal of exploiting identified vulnerabilities to circumvent or defeat the system component's safety devices.
A black box approach where the tester knows nothing or has very little information about the web application to be tested Information gathering stage where the tester's primary goal is to understand the logic of the application application using different tools to monitor Http traffic (requests and responses), Http headers, parameters and cookies, then the tester preforms a set of tests which fall under the OWASP 10 application security risk , the following categories but not limited to:
- Buffer overruns
- Cross-site scripting
- SQL injection
- Canonicalization
- Listening to the network
- Password attack
- Cookie replay attacks
- Theft of supporting documents
- Elevation of privilege
- Disclosure of confidential data
- Data tampering
- Attacks by trickery
Buffer overruns
A secure code review consists of verifying the source code of an application to
ensure that the correct security controls are in place, that they operate as
intended and that they are invoked in the right places.
In addition, this process may involve an automated review of the source code of a
application in an attempt to identify security-related weaknesses (flaws) in the code.
Wi-Fi security rating
This basically describes the approach to penetrating your wireless strength. This approach
uses combinations of passwords and sniffing techniques to crack
unsecured wireless networks. Thus, the semi-automation and the automation of
the whole process require a good configuration.
Here are the three key points on which we are testing:
- Wireless Penetration Testing assesses the risks associated with potential access to wireless networks.
- Wireless access points are an easy way for hackers to break into your internal network.
- Wireless attack and penetration testing identifies vulnerabilities and provides hardening and remediation guidance.
VoIP systems security assessment
As VOIP systems are connected to the data network and share many hardware and software components, intruders have more opportunities to attack systems VOIP than traditional voice telephony systems or PBX.
Secure configuration review
Examination of switch configuration and operating system reveals vulnerabilities that could lead to unauthorized access. In this activity, a consultant will capture your current setup and compare it to industry best practices. sector.