Do you know our Detection and Offensive Security services, based on NIST CSF?

Iñigo Ladrón Morales

At Zerolynx we are experts in professional cybersecurity services for companies, specifically in corporate security, corporate cybersecurity, corporate intelligence, corporate cyber intelligence and patrimonial security.

Our services are aligned with the most important and widely recognized international cybersecurity recommendations, frameworks and standards. For this reason, our entire offer is based on the framework of NIST (the United States National Institute of Standards and Technology) and, specifically, on its proposed cybersecurity framework, known as the NIST Cybersecurity Framework (NIST CSF).

Thus, the Zerolynx offer is articulated through a wide range of professional services that match each of the six functions of the NIST CSF framework:

  • Identification.
  • Protection.
  • Detection.
  • Response.
  • Recovery.
  • Governance.

In this article, we will focus on Zerolynx's service offering aimed at the detection and offensive security of companies, in terms of threat protection, detection of security weaknesses and cybersecurity.

Detection is the initial step to know the state of corporate security and its weaknesses or vulnerabilities.

If you want to know, analyze and evaluate your company's defense capabilities against attacks, and its cyber defense against cyberattacks, these are the services you need. Learn how to protect your assets effectively.

But what exactly is detection? According to the RAE (Royal Academy of the Spanish Language), it is simply “the action and effect of detecting”, “the action and effect of locating, identifying, discovering”.

Going one step further and focusing on information security and cybersecurity, the detection of vulnerabilities and threats consists of “the action and effect of detecting, locating, identifying or discovering weaknesses, vulnerabilities or potential threats that could affect us”.

From this definition, and within the framework of cybersecurity, it follows that the essential components and factors of detection are as follows:

  • The discovery that makes visible both the weaknesses and vulnerabilities and possible attack vectors.
  • The identification of critical assets.
  • The detection of assets at risk.
  • The anticipation that allows you to have that knowledge and act before an attacker can.
  • The establishment of tactics, techniques and procedures (TTP) to be applied in the event of an attack.
  • The updating of existing defenses and the establishment of new defenses, based on what was detected.
  • The analysis of potential impact.
  • Continuous monitoring.

Threats will arrive at any time and from any front, including those we least expect or suspect, and they may be internal or external. For this reason, we must be prepared to detect them as soon as possible.

Our corporate services and systems, both internal and external, as well as those of suppliers and third parties, must be audited from the point of view of detection, having previously “discovered” what their weak points are, thus being able to act in advance.

Well, that's what we are for. To help you with resources, knowledge, capabilities, skills and specific intelligence and cyber intelligence activities in which we are experts and which you do not have in your company.

But how do these types of services work, and how are they provided? How do we offer them at Zerolynx so that they are as effective, efficient and beneficial as possible for your business or company?

  • We put ourselves in the shoes of the “bad guys” to test different possible attack scenarios. Without affecting your business or putting your organization at risk, we simulate real attacks.
  • With the results derived from these simulated attacks, we analyze and assess the probability of them happening in your organization, as well as the impact that each of them would have if they materialized.
  • Likewise, we make visible the assets that could be the target of malicious activities (prioritizing the levels of probability, criticality and risk potential) and what would be the main attack vectors in your case.
  • We detect the main vulnerabilities in corporate systems and services, as well as the risks that these entail.
  • We propose the corresponding personalized risk mitigation activities.

We know that every company is a world of its own, with different sectors of activity, different portfolios of services and/or products, and different needs, objectives and strategies. For that reason we adapt to your company, and to any type of company, objectives and needs, offering detection services fully customized to each situation.

Thus, when providing this type of service, we work in several steps:

  1. Personalized analysis of the company's situation, existing needs and priority objectives to be covered.
  2. Identification of, and agreement on, needs and requirements.
  3. Preparation of a proposed customized audit and detection plan.
  4. Based on what was agreed, we carry out real/simulated attacks on the organization, for a set period of time.
  5. Analysis of results.
  6. Preparation and issuance of reports on the plan activities carried out, what was detected, and the options for resolving what was detected.
  7. Presentation of results, conclusions and recommendations for action for risk mitigation.

This subject is very extensive, and our portfolio of detection, intelligence and cyber intelligence services is so broad that we leave you here a summary of all of them:

  • Red Team. We simulate real cyberattacks on the organization, its infrastructure, services, applications, processes and people, with the aim of evaluating it in terms of cybersecurity, thus learning its detection capabilities and, at the same time, how it behaves in response to incidents. We already talked about this service in the article “Red Team 2.0”.
  • Internal and external pentesting. The risks are generally outside the organization, but they are also (and in many cases) found within it (insiders). We are in charge of analyzing and detecting all the risks that affect the company, both in the part of it that is exposed to the Internet through web, online or other types of services, and in what lies within it (corporate network, devices, applications, databases, internal services, etc.). We already talked about this service in the articles “Do you know what pentesting is and how it helps your company?” and “Red Team 2.0”.
  • Social Engineering. Behind the majority of cyberattacks, and generally the most successful ones, there is neither sophisticated technology nor sophisticated gadgets used by cybercriminals. On the contrary, attackers increasingly appeal to human vulnerability, to human hacking, to the human factor, trying to trick users into doing what they want them to do (open or download a file, give access, make a transaction, etc.). These deceptions usually use psychology, phishing and identity theft, and always appeal to human sensitivity, which makes them difficult to detect and, especially, makes it hard for users and employees to detect them in time and not carry out the actions requested of them. We help you raise awareness among, educate and train your employees so that they are able to do so, through phishing attack simulation activities. We already talked about this service in the articles “Cybersecurity awareness services, as important as protection tools” and “How to identify and avoid Phishing in emails”.
  • Hacking on Wireless Networks (WiFi). Surely you have one or more corporate WiFi networks in the office that are used by employees. And you surely also have some WiFi for guests. But are they safe? To verify this, we will review all corporate WiFi networks, auditing them from a comprehensive security point of view and exposing their possible weaknesses, flaws, vulnerabilities or security holes, so that you can correct them.
  • Web Security Audit. Most commonly, your business has a corporate website, or even more than one if you have them organized by sector, type of product or service you offer, etc. In addition, it is likely that you also have an online store and even online services for your clients, your users or yourself. These may have security holes that would allow an attacker to exploit vulnerabilities affecting the organization, with unauthorized access, reading of databases, exfiltration of confidential information, etc. Leave it in our hands. We will analyze all your online services, applications, website and store to find vulnerabilities, using the OWASP framework.
  • Mobile Application Security Audit. Surely many of the organization's employees use a corporate smartphone and, in more than one case, their own personal cell phone (BYOD – Bring Your Own Device), and even tablets, for work matters. These, by the mere fact that they consist of software, operating systems and applications (Apps), are another source of vulnerabilities and, therefore, a common attack vector that you must secure. Leave it in our hands. We will analyze all your mobile devices to find vulnerabilities in them, in their operating systems and Apps, that may affect you, using the OWASP Mobile framework. We already talked about this service in the article “Introduction to mobile application pentesting without dying trying”.
  • IIoT (Industrial Internet of Things) Security Audit. Do you work with IoT (Internet of Things) and/or IIoT (Industrial Internet of Things) services and devices? Do you keep them safe? Leave it in our hands. We check it for you by performing pentests on your ICS infrastructures to detect vulnerabilities and assess their resilience to external and internal cyberattacks.
  • Cloud Infrastructure Security Audit. Surely you have cloud services, your own or third-party ones. Are you sure that they are secure and safe to use? We take care of it, analyzing the possible risks they could face, whether they are IaaS (Infrastructure as a Service), PaaS (Platform as a Service) or SaaS (Software as a Service) services, or third-party cloud services (AWS, Azure, etc.). We already talked about this service in the article “Cybersecurity risk analysis in cloud environments”.
  • Source Code Audit. Is your company dedicated to software development? In your organization, do you develop your own applications? I'm sure you are very good at it, but is the source code you generate secure? Let's find out and improve it in this regard. We help you achieve this by auditing the source code of your applications through automatic and manual analysis. With the results obtained, we will propose the most appropriate improvements to solve the security problems that we detect. We already talked about this service in the article “Security in the software life cycle”.
  • Active Directory Audit. Whatever operating system and/or service you use, you are sure to work with Active Directory in your organization so that employees can identify themselves and make use of the network resources they need, in a personalized way. This could also be another target and attack vector that we can help you secure better, by evaluating the security of the Active Directory. In this audit, we will also check the domain accounts, security policies, configurations and adherence to good practices (SYSVOL, LAPS, krbtgt, etc.). We already talked about this service in the article “Basic cybersecurity audit of a Microsoft domain”.
  • Reverse Engineering and Hardware Hacking. Is your company dedicated to manufacturing and programming hardware? In your organization, do you develop your own “irons”? Do you have a hardware infrastructure that you would be interested in auditing? Are you dedicated to software development? Do you develop your own applications? I'm sure you are very good at it, but is the source code that you generate safe? Let us help you figure it out and improve it by finding potential cybersecurity flaws using reverse engineering of your applications and hardware assets.
  • Hacking Banking Systems. If you have an online store, or if your business is a retailer, a banking entity or a financial entity, or if you carry out payment, collection and/or purchase and sale banking transactions, we can help you evaluate the cybersecurity of your devices and banking systems, such as camera, POS or payment gateways.
  • Ransomware Simulation. It is likely that you have already received some ransomware or attempted cyberkidnapping of your information, in which, after it has been encrypted, they ask you for a financial ransom to recover it. And if not, it will come. In that case, do you know if you are prepared and if your company would withstand a cyberattack like that? Let's look at it by simulating the malicious behavior of ransomware actors to assess the organization's ability to confront and overcome these types of threats (resilience / cyber resilience).
  • Denial of Service (DoS) and Distributed Denial of Service (DDoS) Testing. Surely you have a huge, powerful, robust, strong and secure ICT infrastructure, from a protection point of view. But would it support any type of load? What is the request limit that it could handle? Could it be taken down easily, or with a specific number of simultaneous requests? If this were to happen, could a denial of service occur? Let's find out by simulating DoS and DDoS attacks, using the same mechanisms used by cybercriminals (assessment of resilience / cyber resilience).

If you want, learn more details by consulting all Zerolynx Detection services.

In addition, you can also learn about Zerolynx's complete portfolio of cybersecurity and cyber intelligence services.

If you prefer that we inform you personally, do not hesitate to contact us.

 

Iñigo Ladrón Morales, Content Editor for Zerolynx.

 
