logo
logo-hover
Discover
/static/image/icon_1_code.svg
What do we do
/static/image/icon_2_code.svg
Methodologies
/static/image/icon_3_code.svg
Technologies
/static/image/icon_4_code.svg
Lab
Discover
/static/image/icon_1_systems.svg
Solutions
/static/image/icon_2_systems.svg
Services
/static/image/icon_3_systems.svg
Technologies and partnership
Menu
Thux > Thux Systems > Vulnerability Assessment and Penetration Test

Vulnerability Assessment

The path towards greater security and resilience begins with Vulnerability Assessment, which allows the company to have a comprehensive check-up, a snapshot of all vulnerabilities present in the corporate network.

Vulnerability Assessment is the first of the levels among Proactive Security Services. The VA procedure involves the execution of automated and semi-automated, non-invasive scans, conducted by specialists who, using proprietary and open-source software tools, both physical and virtual probes, detect the presence of vulnerabilities. These scans are later complemented by manual checks performed by cybersecurity experts to eliminate false positives and negatives that may have been introduced by automatic analysis tools.

Penetration Test

A Penetration Test is a cybersecurity assessment service that involves conducting in-depth tests using Ethical Hacking techniques. It identifies vulnerabilities that are not known or detectable through automated scanning and analysis tools. The PT relies on a preliminary VA and allows for the evaluation of vulnerabilities found during the VA and manual checks, extending to additional systems and applications. It is conducted at a deeper level, where vulnerabilities are exploited to demonstrate and assess the consequences of a hypothetical cyberattack. Penetration tests are carried out by Pen Testers. The goal is to simulate, as comprehensively and completely as possible, the operations commonly performed by an external or internal threat actor, using tools and techniques typical of a real-world scenario.

Blue Team - defence

The Blue Team defends your company from attacks, mitigates security risks, and responds when cybersecurity incidents occur.

 

Red Team - offence

The Red Team simulates the attacker and attempts to take control of systems using vulnerabilities in technology and human factors. After this hacking phase is completed, they ensure that all identified vulnerabilities are addressed and reported for resolution.

Team consulting and CSIRT

A team of consultants for certifications and a computer security incident response team (CSIRT) are crucial components of a comprehensive cybersecurity strategy.

*The CSIRT is responsible for monitoring, detecting, analyzing, and responding to cyber threats.

 

 

Strategia Zero Trust

We ensure the proper management of all information related to a company's security status, full control of the infrastructure, data involving its users, processes, and technologies with the Zero Trust strategy.

PROTECTION AND PREVENTION: Monitoring; Remediation; Notification and Blocking of threats.

RESPONSE & REMEDIATION: Automatic remediation and intervention by the cybersecurity specialist team and CSIRT in case of intrusion.