To respond to the increasing need for digital security, Cyllene’s CyberSecurity offers an overall approach comprising four aspects that are complementary, coherent and operational:
Falcon - Bastion - Sentinel - Javelin
For the Business to create Value, mastering the digital environment is an increasingly essential aspect. Exponential growth in volumes, new web services, mobile working, strategic maximization of data thanks to AI and the blockchain, the healthy dynamic of the IoT ecosystem and the complexity of IT system interconnections are both challenges and opportunity or risk factors for the Business.
Our Digital Security offer is Cyllene’s response to the expectations of managers to plan and organize (Falcon), deploy and protect (Bastion), diagnose and measure (Javelin), assess and anticipate (Sentinel), while meeting the regulatory obligations and the legal and insurance requirements; it completes the “Security By Design” process already up and running in all the Group’s other offers.
Javelin is part of the overall process of cybersecurity risk control, implemented through Bastion and Sentinel.
The principal action will be to carry out upstream audits (supporting a Falcon-type process to provide a reliable initial diagnosis), or downstream of the implementation of measures to assess the residual vulnerabilities.
Intrusion tests are carried out from inside or outside the audited information system to discover vulnerabilities and examine the impacts they have and the action that can be taken. The auditor thus plays the role of potential attacker in real conditions. The Pen Test completes and improves the effectiveness of other audit tasks, or demonstrates the feasibility of using the flaws and vulnerabilities discovered for awareness-raising purposes.
The audit concerns the security documentation and guarantees:
◦ Compliance with the security requirements and the standards in force
◦ Adaptation to the technical measures implemented
◦ Practical application and effective maintenance
The physical security audit will focus on the safety of buildings, IT rooms or offices: access controls, intrusion, CCTV, etc.
Exploitation of human vulnerabilities or those associated with the entity’s organization to access confidential information or certain assets. Social engineering tests create a real situation to help identify the awareness-raising actions to be implemented as a priority, together with the populations to be targeted, or to verify the effectiveness of a campaign.
Verification that security practices related to the choice, the positioning and the implementation of hardware and software deployed in an information system comply with the state of the art and the in-house requirements and rules of the audited party. The audit may be extended to interconnections with third-party networks.
Verification of the implementation of security practices that comply with the state of the art and the in-house requirements and rules of the audited party on the configuration of the hardware and software deployed in an information system.
Red Team intrusion tests assess a business’s critical assets by testing out its different means of protection, be they physical, human, organizational or IT. This test is carried out in different stages over several weeks, to meet the objectives set by the Management.
Assessment of an industrial system’s level of security and the associated control mechanisms: architecture audit, an audit of the configuration of the elements that make up the architecture and organizational and physical audit.
Analysis of all or part of the source code or the conditions for compilation of an application to discover its vulnerabilities, arising from programming or logic errors, which may have an impact on security.
Les cookies sont importants pour le bon fonctionnement d'un site. Afin d'améliorer votre expérience et nos services, nous utilisons des cookies pour collecter les statistiques en vue d'optimiser les fonctionnalités de notre site Web.
Vous pouvez choisir de bloquer certains types de cookies. Sélectionnez votre choix concernant chaque catégorie de cookie. Cliquez sur «soumettre les préférences » pour valider vos choix.
Ces cookies servent à mesurer et analyser l’audience de notre site (nombre de visiteurs, pages vues, durée sur le site, etc.) afin d’en améliorer la performance.
To download our document, please enter your email address