ETHICAL HACKING AND AUDITING IN CYBERSECURITY

The existing vulnerabilities in the systems of a company can compromise the integrity of the information, especially those in companies that, due to the nature of their commercial activity, keep personal data of their clients. The entry into force of the new RGPD puts very demanding compliance requirements on the table. Pentaquark has extensive experience in providing cybersecurity and vulnerability auditing services to various companies. Our greatest success stories was the collaboration established with a Swiss investment fund and a major national hotel chain. Both businesses, of different nature, but with a similar problem when storing personal data from their customer networks.

Both projects were approached by conducting an in-depth study and categorization of the types of risks existing in the technical, digital, telecommunications and functional operational infrastructure of internal applications. Subsequently, a matrix was defined with the risks studied. Once the cybersecurity map of both companies had been drawn, an external attack was carried out, both on the emails and on the companies' systems, to determine the degree of vulnerability and identify security flaws. As a result, a confidential report was prepared and delivered to both clients and a master plan was implemented that satisfactorily corrected the vulnerability problems, reinforcing the security systems.