Everyone has the inalienable right to own and control their data. IronSky is an advisory service made to protect that right.
Internal Penetration Test mimics the action of an internal threat actor trying to gain access to information that they are not authorised to access e.g. a disgrunteled employee. Typically internal tests will focus on potentially weak spots on the internal system of the organisations network, such as misconfigurations of file and database server access rights – ( also includes the vulnerability assessment of internal systems)
External Penetration Test mimics the action of an external threat actor trying to gain access to networks. Typical external tests will focus on potentially weak spots on the perimeter of the organisations network, such as misconfigurations – ( also includes the vulnerability assessment of externally facing services)
Wireless Penetration Testing simulates real-world attacks to provide a point-in-time assessment of vulnerabilities and threats to your wireless network infrastructure.
Mobile applications and web applications these days communicate to API endpoints. Test your API endpoints against the OWASP API Security Top 10.
Testing the iOS, Android and HMS mobile applications for vulnerabilities and business process bypasses that may impact the business or but the client’s data at risk. IronSky tests mobile applications according to the OWASP mobile top 10 and following or mobile application testing approach.
IronSky defensive advisory services are built decades of experience within the IT Field. These services cover everything from assisting clients to build an information security programme, advice on frameworks such as GDPR and ISO27001 to solutions architecture advice and technical guidance on technical cyber risk controls for both on premises and cloud solutions.
The baseline review leverages the Centre for Internet Security controls to assist organisations in identifying gaps in their security controls
The active directory security assessment helps organisations identify common mis-configurations and makes recommendations that will improve organisational security posture.
The MS Cloud Security Assessment is focused on the analysis of Administration, Logging, and Security Controls of Office 365 components and Azure AD.
Firewalls are first line of defense for organisations against unwanted elements of the internet. Reviewing of firewall logs, firewall rules and configuration is imperative to ensure that the system is protect the organisation.
A purple team engagement is a collaborative, iterative process that is undertaken to test and fine tune security controls. IronSky analysts work with your cyber security analysts to identify gaps fine tune your controls.
02 Defensive cyber-security advisory that assist clients in building a solid defence in depth and width. We deploy best of breed, context-based architectural solutions. As well as technology agnostic, security mitigation strategies.
03 Offensive cyber security services, which test and improve technical mitigations, processes and response procedures.