Inicio security

ToBe Security es una compaa lder de mercado,

pionera en proveer Evaluaciones de Seguridad de
Penetracin de Informacin, Capacitacin y Servicios
de Consultora a organizaciones a nivel mundial.

We offer a wide range of programs to improve information security in business services.

Ethical Hacking
Intrusion test which examines whether the network or servers are vulnerable to hacker attacks. This study attempts to penetrate
the network and gain control over computers or servers. This study done internally or externally. As a result of this study is given
to the client a report with the threats found and action to mitigate them.

Ethical Hacking Wireless

An attempt to penetrate the wireless network client. In this study the configuration of wireless equipment, the strength of the
encryption algorithms used and the efficiency of IT equipment to detect such attacks to your wireless network and its access
points are analyzed.

Client Side attacks

In this study we send malicious code to end users through emails or send links that point to malicious web site with which we arm.
The aim of this study is to see if you can penetrate and Hacker stations taking advantage of insecure users configuring
workstations for users and the lack of knowledge of the users to open any mail. The ultimate goal of this study is to see if we can
take control of the network by first taking control of a workstation by sending malicious code to end users.

Social Engineering Attack

Check to see if you can physically enter the offices of the customer without authorization doing different manipulations and
deceptions guards and / or all company personnel, for example stating that we came to deliver a package, we are part of the
cleaning equipment etc. In this study telephone calls to employees also conducted and manipulating to obtain confidential
company information such as trade secrets, passwords of users etc.
The objective of this study is to show the client that is possible through an attack social engineering to obtain admission to the
customer's network or its buildings.

Awareness plan for end users

It will be a training for users on security issues and how to care information company. In this training you will prove to users the
dangers to their information, such as the risk of opening any mail and attachments, risks of social engineering attacks to your
network, security workstation, safe surfing on the internet , safety in social networks etc.
This plan will be held awareness through talks, banners, posters, reviews and videos. It is noteworthy that 70% of the IT
infrastructure risks coming from end users themselves which they have no training against cyber threats.

Security Assessment
A consultancy in which the configuration of your network and computer security controls implemented are analyzed.
The study will analyze the following:
1.

Network topology

2.

Configuring Routers.

3.

Configuring Firewalls

4.

Configuring servers

5.

Configuring the DMZ

6.

Configuring the IPS (Intrution Prevention System) their false positives and negatives

7.

Configuring Layer 2-3 Switches

8.

Hardening proseguimientos implementation of different teams

9.

Network segmentation

10.

Analysis of Logs

11.

WAF deployment and SIEM

12.

Recommended configuration for PCs

13.

Detection of Sniffers installed on the network

14.

Reviewing Incident Response Policy