Flag Flag

Security services

Big Image

Penetration tests (pen-tests)

As a matter of fact, we must stressed that even multiple levels of security does not guarantee the total protection. Potential malicious attacker will always try to find the weakest link in the chain, single security breach, to get unauthorized access to the system and your confidential data. A single vulnerability could remain unspotted even though we lay an emphasis on security issues. An external attacker usually has a fresher outlook on the system than its administrators. Such a fresh outlook is a result of limited knowledge of the network structure and applied security mechanisms. Thus, it can lead to discovering unexpected results. The conclusion is that in order to find the security breaches in our infrastructure we should play the role of the attacker. However, in most cases it is almost impossible to play a role of an attacker whenever we play also a role of a victim. The solution is to hire someone who will try to attack our system and in such a way actively assess our information security measures. The process of an active assessment, with the emphasis on 'active', of the information system is called a penetration test or pen-test. The range and time of tests should be assorted in such a way to not threaten the client production systems without prior allowance. Naturally, the crucial issue is the level of trust between the client and the contractor who will carry out penetration tests. PSNC Security Team, as a group, have an appropriate level of theoretical and practical knowledge in the field of breaking security measures and protection against attacks. The knowledge is based on practical, day by day, contact with security issues in the Internet. Poznan Supercomputing and Networking Center (PSNC) as research, development and technology deployment institution affiliated with the Polish Academy of Sciences is a trust worthy professional partner. We offer our clients an individually crafted set of penetration tests that makes possible to verify the knowledge about a level of security in your company. Moreover those tests can be a base for further analysis and could lead to deployment of additional security measures. All potential customers that are interested in detailed offer and prices are kindly asked to contact with us directly.

Security systems

Some time ago security was consider as an optional feature of the information technology product rather than its immanent part like a user interface. Natural consequence of such an approach is a fact that not all systems which are currently in use are appropriately secured for common threats. However, one can increase their security level on the level of network, e.g. by means of complex firewalls, or on the level of the operating system, e.g. by means of security patches and security applications. Usage of security systems allows protection against unknown vulnerabilities that may exist in code of software application. PSNC Security Team has high competences and qualifications in that field. As a result of participation in various projects and research activities, the team has possessed, to a large extent, practical and theoretical knowledge about design, development and implementation of security systems. Moreover, day by day operational work is a continuous verification of our competences and it makes possible to extend, correct and update our knowledge. Our offer is addressed to all customers who want increase the security level of their information technology infrastructure. All parties interested in our services are kindly asked to contact with us directly.

offer catalogue

Main topics:

Security tests of Web browsers
PSNC Security Team conducted a set of comparative tests of Web browsers, addressing resilience to attacks on SSL/TLS
We encourage you to take a look on our detailed report (currently in Polish only).

More

GN3 project: security training for the developers
PSNC Security Team took a key part in preparing a complex, two-day training on secure programming that was organized in Poznań for the participants of one of the largest European research projects: GN3.

We encourage you to download the prepared presentations.

More information

Related topics:

Security services
New PSNC Security Team Security Services catalogue is available in Services section
Catalogue (in Polish)

On-line shopping security
PSNC Security Team decided to take a closer look at electronic shopping service. The result of our work is a report (in Polish).

Internet Banking
Report about internet banking security status in Poland is available here and the reaction in media here