World-leading cybersecurity provider, whom we have chosen to overcome any security challenge together. Specifically:
Industry's most reliable next-generation firewalls;
Enhance your company's threat detection, response, and prevention capabilities by consolidating and coordinating all cybersecurity technologies and operations. THUX's SOC is comprised of a team of IT security professionals who monitor the entire infrastructure 24/7 to detect cybersecurity events in real-time. Our experts select and manage IT security technologies, enhancing the company's security profiles. THUX's SOC is an ISO27001 certified service that employs a Zero Trust strategy.
The three main areas of the SOC are:
• Preparedness, Planning, and Prevention;
• Monitoring, Detection, and Response;
• Recovery, Enhancement, and Compliance.
The Cyber Command platform and probes - powered by Sangfor Technologies - combine their action in the three fundamental phases of cybersecurity: network traffic analysis, detection, and automated incident response, which minimizes response times.
Through the probe, which can be installed in corporate systems immediately without any structural intervention, intercepted communications passing through the network are captured. The information is then sent to the server, which performs sophisticated analysis on the traffic data, providing complete visibility to IT departments. This allows them to monitor real-time activities and the company's security posture.
Web Application Firewalls (WAFs) allow you to protect web applications from malicious attacks and unwanted internet traffic, including bots, injections, and application-level denial of service (DoS) attacks. WAF enables you to define and manage rules to prevent internet threats, including IP addresses, HTTP headers, HTTP bodies, URI strings, cross-site scripting (XSS), SQL injection, and other vulnerabilities defined by OWASP.
Network Access Control (NAC) allows companies to control access to their networks through the following functionalities:
• Policy Lifecycle Management: Apply policies for all operational scenarios without requiring separate products or add-on modules.
• Profiling and Visibility: Recognize and profile users and their devices before malicious code can cause harm.
• Guest Network Access: Manage guests through a customizable self-service portal that includes guest registration, authentication, sponsorship, and guest management.
• Security Posture Assessment: Evaluate security compliance based on user type, device type, and operating system.
• Incident Response: Mitigate network threats by applying security policies that block, isolate, and remediate non-compliant machines without administrator intervention.
• Bidirectional Integration: Integrate with other security and network solutions via an open/RESTful API.
A Session Border Controller (SBC) is a specialized device that protects and manages IP communication flows. Originally designed to secure and control VoIP networks, SBCs are now used to regulate all forms of real-time communication, including VoIP, IP video, text chat, and collaboration sessions. They provide a variety of functions, including:
• Security: SBCs protect against Denial of Service (DoS) and Distributed DoS (DDoS) attacks, guard against phone fraud and service theft, and offer media and signaling encryption to ensure confidentiality.
• Multivendor Interoperability: SBCs normalize SIP (Session Initiation Protocol) signaling headers and messages to mitigate multivendor incompatibilities.
• Session Routing: SBCs route sessions across network interfaces to ensure high availability or enable cost-effective Least Cost Routing (LCR).
THUX Systems' Managed Security Services (MSS) enable companies to detect and respond to cyber threats in real-time. As your security partner, we monitor your infrastructure and take action in case of intrusions, with the support of cybersecurity specialists as an extension of your team, 24/7, 365 days a year. THUX MSSPs establish a Security Operations Center (SOC), which is responsible for protecting the infrastructure (networks, applications, databases, servers, etc.).
Key phases of MSS services include:
• Risk assessment and gap analysis: Identifying vulnerabilities and potential threats in the IT environment.
• Policy development and risk management: Creating security policies and risk management plans.
• Solution research: Identifying the most suitable solutions to address identified threats.
• Solution research and procurement: Acquiring the necessary tools and resources to implement security solutions.
• Solution implementation: Configuring and deploying security solutions.
• Security systems management: Continuous monitoring of the IT environment for suspicious activities.
• Configuration management: Maintaining security configurations for maximum effectiveness.
• Security updates: Applying patches and updates to address new threats.
• Reporting, review, and compliance: Generating security status reports, reviewing activities, and ensuring compliance with regulations.
• Training and education: Providing training for company staff to improve awareness and skills.
The journey towards increased security and resilience begins with the Vulnerability Assessment, which gives the company a comprehensive check-up, a snapshot of all vulnerabilities present in the corporate network.
The Vulnerability Assessment is the first of the levels among Proactive Security Services. The VA procedure involves the execution of automated and semi-automated, non-invasive scans conducted by specialists using proprietary and open-source software tools, both physical and virtual probes, to detect vulnerabilities. These scans are later complemented by manual verifications carried out by cybersecurity experts, aimed at eliminating false positives and negatives that may have been introduced by automatic analysis tools.
The Penetration Test is a cybersecurity verification service that involves conducting in-depth tests using Ethical Hacking techniques. It identifies vulnerabilities that are not known or detectable through scanning and automatic analysis tools. The PT leverages a preliminary VA and allows for the evaluation of vulnerabilities identified by the VA and manual verifications, extending to additional systems and applications. It is conducted at a more in-depth level, exploiting vulnerabilities to demonstrate and assess the consequences of a hypothetical cyberattack. It is carried out by Pen Testers. The purpose is to simulate, as comprehensively and completely as possible, operations commonly performed by an external or internal threat agent, using tools and techniques typical of a real-world scenario.
The output of these services includes:
• Analysis of infrastructure vulnerabilities
• Analysis of the risks to which the company is exposed
• Development of an assessment project
• Definition of a timeline (Gantt) for the individual assessment steps
• Identification of affected company processes, involved stakeholders, and required time
• Identification of policies and documentation to be modified
• Evaluation of possible solutions to the vulnerabilities identified in the test
• Execution of the process in compliance with national laws and GDPR
• Linking assessment findings to ISO 27001 and NIST procedures if applicable.
A team of IT Consultants and Legal experts specialized in Cybersecurity, along with an international Certification Body, is here to guide your company through the ISO 27001 certification process and GDPR compliance. ISO 27001, "Information Security Management System," is an international standard that defines requirements for information security by translating corporate policies into action through procedures aimed at data protection and privacy, implementing best practices in the field of cybersecurity. The objectives of ISO 27001 are as follows:
• Identify weaknesses in the system to reduce risks.
• Decrease the likelihood of negative events occurring.
• Minimize damage in case negative events occur.
• Focus on training and competence to reduce human error and increase awareness.
Regarding GDPR compliance, we assist clients in the process of aligning with the European GDPR regulation to enhance and harmonize data protection. Our services range from client analysis to identifying all necessary actions for compliance with regulations, including audit activities.
The Social Engineering phase is typically considered when sufficient information has not been obtained during the Recon phase, or when testing the resilience of the organization or individuals involved. Even for the Social Engineering phase, THUX follows OSINT guidelines.
Here are the phases in which we conduct Social Engineering activities:
Typical phases in social engineering may vary, but here is a common description of the involved phases:
• Information Gathering: During this phase, information about the target or organization you want to attack is collected. This may include online research, analysis of social media interactions, gathering personal details, or identifying professional relationships.
• Building a Relationship: In this phase, an attempt is made to establish a connection or relationship with the target victim. This can be achieved through tricks such as pretending to be a friend, colleague, expert, or trusted authority figure.
• Gaining Trust: We work to gain the victim's trust by presenting ourselves as a reliable figure or someone who can help. This may involve creating a convincing false identity or using previously gathered information to demonstrate knowledge and expertise.
• Exploitation: Once trust is established, the attacker exploits this situation to obtain what they desire. This could include requesting sensitive information, persuading the victim to perform specific actions, or gaining access to sensitive systems or data.
• Maintaining Access: If the attacker's goal is to gain access to a system or organization, they may work to maintain that access so they can continue to exploit it for further malicious activities or information gathering.
We offer various Social Engineering techniques that can be adopted based on the situation and attack objectives:
• Phishing: Phishing is one of the most common Social Engineering techniques. It involves sending emails or communications that appear to come from reliable and legitimate sources to induce people to share sensitive information such as passwords, credit card numbers, or account details. We prepare phishing campaigns targeting identified users and potentially transform them into Whaling campaigns if data of key company personnel is identified.
• Pretexting: This technique involves creating a false identity or using an authoritative role to gain access to confidential information or secure locations. For example, an attacker might pretend to be a support technician or an external company representative to gain physical access to a sensitive area. If Phishing/Whaling is not effective, we may conduct site surveys at the client's premises to identify potential entry points.
• a. WiFi Scanning and Wardriving: These techniques are used to find references to the company's data at the client's premises.
• b. Gaining Physical Access: There may be a need to gain physical access to a network port or computer. In this case, we can install a standalone connection system directly on a network port or install trojans or backdoors on a computer using BadUSB.
• c. Installation of a WiFi Pineapple MKVII in a physically exposed network port near the perimeter of the premises. In this way, by staying within 50-100 meters of the test location, you can have wireless access to the LAN.
Phone-Based Social Engineering: This technique involves using verbal manipulation skills through phone calls to obtain sensitive information or convince people to take unauthorized actions. The attacker may pretend to be an employee or a representative of a trusted company to gain access to information or resources. For this activity, we use caller ID spoofing techniques (both landline and mobile numbers) to make the call more credible.