Presentations

Download presentations


Demyo, Inc. capabilities:

  • Founded in 2011
  • All we do is 100% InfoSec
  • We speak: English, Spanish, Portuguese, Russian, Ukrainian, Lithuanian
  • Web Application Penetration Testing
  • Host Based Audit
  • Incident Response
  • Vulnerability Assessment
  • Social Engineering
  • Network Penetration Testing
  • Team members have the following top level Information Security certifications: CISSP, GSNA, GSEC, CEH, LPT, CISA, CISM, GCIH, CCNA, GCIA, CCNP
  • Consists of HIGHLY experienced team
  • Digital Forensics
  • Threat Intelligence
  • Source Code Review
  • Security Training

Web Application Penetration Testing:

  • OWASP methodology
  • Vulnerabilities are rated High, Medium, and Low according to risk
  • Commercial, Open Source, and proprietary tools are used
  • Highly technical report + executive summary 1 pager report

Network Penetration Testing:

  • Internal LAN pen testing
  • External WAN pen testing
  • Enumerating Services
  • Finding Holes
  • Exploiting Holes

Host based audit:

  • Security Configuration Review
  • Policy Compliance Review
  • Antivirus Antimalware Review
  • LDAP Policies Review
  • Logs Audit

Digital Forensics:

  • Who, What, When?
  • Making Forensic Copy
  • Memory analysis
  • Threat Intelligence
  • Selective files analysis
  • Full HDD image analysis if needed
  • Building the time line

Vulnerability Assessment:

  • HIPAA, PCI, SOX, GLBA, ISO compliance
  • Merge and Acquisition support
  • Security Best Practices
  • Post Incident Support

Source Code Review:

  • Greping through code for high risk functions and methods
  • Manual source code review
  • Automatic source code scanning tools
  • Checking input validation

Incident Response:

  • Preparation
  • Identification
  • Containment
  • Eradication
  • Recovery
  • Lessons Learned

Social Engineering:

  • Will bypass all firewalls / Intrusion Detection Systems / Intrusion Prevention Systems / Full Packet Capture Devices and any technical means in between
  • Weakest factor is still human
  • How do we prevent SE?

Training:

  •  Instructors are HIGHLY experienced InfoSec Analysts
  • Penetration Testing training
  • Security Awareness training
  • Technical and Managerial InfoSec training