Cyber Threat Intelligence (OSINT)
Our cyber threat intelligence assessment using the open-source intelligence (OSINT) methodology entails collecting information about your organisation from publicly available sources. Our goal is to provide you with a threat assessment based on information that hackers have access to and are known to use when preparing to launch a cyber attack. We don’t merely collect data, we analyse the data and disseminate it to you in terms of actionable recommendations.
During a cyber threat intelligence assessment, our certified ethical hackers treat your organisation as their target and gather the information that they would use to launch an effective attack.
The kind of information that we look for when performing a threat assessment is the kind that could be used to help attackers impersonate a high-level decision-maker, launch more effective cyber attacks, initiate social engineering campaigns, and subsequently compromise your security. This information is used to prepare, prevent and identify cyber threats that might take advantage of this publically available information.
An example of such an attack could be when a hacker surveils your CEO, sees that he will be on vacation (via social media), and impersonates him (via a spoofed email) to request an urgent payment to a “supplier.” Social conventions being as they are, people will want to impress their superiors with fast action, thereby avoiding any authentication process, allowing a hacker to walk away with thousands of euros.
Our cyber threat intelligence service includes techniques such as:
- gathering general information about the target organisation;
- performing a thorough network analysis through DNS and sub-domain enumeration techniques;
- identifying the organisation’s internet footprint including details on key personnel and source code leaks;
- non-invasive assessment to discover weaknesses that are exploitable on the network, along with any unauthorised routes into the target network.
Review our other types of security and penetration testing services to see how we can provide a solution to your needs. We also offer vulnerability scanning, web application penetration testing, mobile application penetration testing, infrastructure penetration testing, and wireless network penetration testing.
We can provide penetration testing services for your website or application via several delivery methods. You can add penetration testing to your Testing Services Subscription or you could request ad hoc testing for a situation where you don’t test very frequently. Find out more by clicking each ‘More Info’ button. If you find these all confusing get in touch with us at firstname.lastname@example.org or via our contact page so we can help you figure out the best solution.
Our software testers are very experienced at testing client applications remotely. The COVID-19 virus has forced a lot of organisation to work remotely but fortunately, our testers already have the skills to help remote teams. spriteCloud has been providing testing both remotely and on-site for over ten years. All of our software testing services can be executed remotely.
Ad Hoc Testing
Projects are fixed scope engagements of a predetermined time frame. In other words, we test only what you ask for. Projects can be delivered locally at your office alongside your team or carried out in a remote testing format from our offices in Amsterdam or Kiev.
Contracting is a method engagement where a tester is contracted to join your organisation to deliver the required testing on a (near-)full-time basis. Contract-based work is typically delivered locally but can also be delivered remotely.
Software Testing Subscription
Our Software Testing Subscription is a monthly recurring package (a Test Stack) made up of a custom mixture of our software testing services. Here you can decide the exact software testing services you want, how much testing you need, and how long you want the subscription. Our Software Testing Subscription allows you to create the best quality products for the best customer experience because it facilitates consistent and high quality testing.
Reported with Calliope Pro
All test results are delivered to you via Calliope Pro, our proprietary test results dashboard. Calliope was designed to make it easy to share, compare, and monitor test results with all stakeholders in one central location. Create a company, upload results, and collaborate more effectively.
Calliope was created for testers, by testers. Give it a try today.