img

The pioneer of digital asset protection

Excelencia Tech is a team of passionate professionals who constantly strive to provide better cybersecurity solutions. This mission qualifies us to be your ideal partner in cybersecurity. Our research and efforts have enabled us to be equipped ideal tools to manage the ever-changing cybersecurity landscape. We are more than capable of designing, auditing and implementing the best cybersecurity for you.

Our Promise

Ensure business security and adaptive protection to enhance your data privacy and edge availability.

  • Bringing leadership in information security to companies of all sizes
  • You find the balance between information security and compliance
  • Be your trusted risk management program advisor
  • Provide consultancy on cost-effective technology to reduce enterprise-wide risk
  • Provide expert consulting services to support IT teams
img

Assessment of internal vulnerabilities

Scan your entire internal network environment for vulnerabilities within your organization, identifying domain controllers, exit gateway devices, internal routers, and server networks.

  • Discovering subnets and hosts
  • Router enumeration
  • Dial-up Access Server / Remote Access Server (RAS)
  • DNS census
  • Firewall / IPS scans
  • PKI infrastructure assessment
  • Census of VPN servers
  • Census of Microsoft architectures
  • Inventory of virtualization platforms
  • Census of email services
  • Census of FTP servers
  • Census of a server of files
  • Database Services Census
  • Census of storage servers
  • Inventory of a management system
  • Inventory of antivirus / antispam solutions
  • Assessment of functionality and misconfiguration of services
  • Detection of services protected by a password
  • Manual check for known vulnerabilities on services
img

Web application penetration test

The objective of web application vulnerability assessment and penetration testing is to identify, classify, and report vulnerabilities with the goal of exploiting identified vulnerabilities to circumvent or defeat the system component's safety devices.

A black box approach where the tester knows nothing or has very little information about the web application to be tested Information gathering stage where the tester's primary goal is to understand the logic of the application application using different tools to monitor Http traffic (requests and responses), Http headers, parameters and cookies, then the tester preforms a set of tests which fall under the OWASP 10 application security risk , the following categories but not limited to:

  • Buffer overruns
  • Cross-site scripting
  • SQL injection
  • Canonicalization
  • Listening to the network
  • Password attack
  • Cookie replay attacks
  • Theft of supporting documents
  • Elevation of privilege
  • Disclosure of confidential data
  • Data tampering
  • Attacks by trickery
img

Buffer overruns

A secure code review consists of verifying the source code of an application to ensure that the correct security controls are in place, that they operate as intended and that they are invoked in the right places.

In addition, this process may involve an automated review of the source code of a application in an attempt to identify security-related weaknesses (flaws) in the code.

img

Wi-Fi security rating

This basically describes the approach to penetrating your wireless strength. This approach uses combinations of passwords and sniffing techniques to crack unsecured wireless networks. Thus, the semi-automation and the automation of the whole process require a good configuration.

Here are the three key points on which we are testing:

  • Wireless Penetration Testing assesses the risks associated with potential access to wireless networks.
  • Wireless access points are an easy way for hackers to break into your internal network.
  • Wireless attack and penetration testing identifies vulnerabilities and provides hardening and remediation guidance.
img

VoIP systems security assessment

As VOIP systems are connected to the data network and share many hardware and software components, intruders have more opportunities to attack systems VOIP than traditional voice telephony systems or PBX.

img

Secure configuration review

Examination of switch configuration and operating system reveals vulnerabilities that could lead to unauthorized access. In this activity, a consultant will capture your current setup and compare it to industry best practices. sector.

img

Cybersecurity governance

The cybersecurity governance service allows organizations to have a secure and resilient environment that ensures continuous business operations and effective.

  • Security governance and risk management
  • Security Compliance
  • Security Operations Center
  • Disaster recovery planning
  • Governance of identity and access management
  • Security architecture and system accreditation
img

Cybersecurity audit

Excelencia Tech performs cybersecurity audits on both technical targets (systems, networks, software) than on large projects and entire organizations. These audits identify the main vulnerabilities, propose corrective measures and reduce the risks to a manageable level.

Our approach

  • Identify cybersecurity strengths, weaknesses, vulnerabilities and opportunities
  • Characterize and frame the risks and build pragmatic and effective action plans
  • Prepare a report of findings and conclusions presenting the risks identified and the related recommendations

The organizational audit is a way to analyze the strengths and weaknesses of a company in all its aspects. Scale, distribution of work, circles of information and communication, number of hierarchical levels, procedures of activity and operating rules, etc. Organizational audits show their strengths and the points that companies must improve to move towards more optimization.

The objective is to ensure that your information system (its topology, its organization, its priorities) complies with your business needs, with the various regulations that apply to it and with the good practices of security. The architecture audit will also assess the technological choices made by IT and ISS, their relevance as well as the quality of their implementation and, incidentally, their correct configuration

The principle of penetration testing is to identify the vulnerabilities of the information system tested and to verify these vulnerabilities and impacts under the real conditions of the attack on the information system rather than on the attacking.

The purpose of the configuration audit is to verify the implementation of state-of-the-art security practices (best practices, configuration guides and Configuration audits are intended to verify the compliance of the elements of an infrastructure with the internal standards of the audited company (if they exist) and with "good practices" in terms of security (standards, configuration guides, etc.).
img
Our Consultants Experience
Our Consultants Certificates

Free consulting