What do you think about when you hear the word “hacker”? Most likely the image of a lone guy in a dark hoodie, typing away rapidly in a dimly lit room while bright green symbols appear on his computer screen, ended up crossing your mind.
Truth is, most hackers don’t fit into this stereotype. And another truth is that their tactics are rapidly evolving, cybercrime is growing and so are its associated costs. These costs include stolen accounts and money, lost productivity and data, reputational damage, restoration and much more.
The increased number of breaches and other cyberattacks committed against large and small businesses alike force us to think one step ahead and give more consideration to the security of the applications we develop.
For this reason and many others, Evozon has introduced a new service for its clients:
Penetration testing
Simply put, pen testing is an attempt for the good guys to break in, with the purpose of identifying security weaknesses that real hackers could exploit and determining what impact the breach may cause.
A penetration tester applies a strategic way of thinking, in the same way as a hacker would, and lots of creativity to simulate a real attack and track the behavior of the system as well as evaluate how the team maintaining it is able to respond.
We’ve mentioned that hackers are not as stereotypical as you think. In order to counter their attacks, the first step is to understand how they work. We can mimic their mindset and tactics, but we do it professionally and ethically.
So, who are we? We’re the –
Evozon Information Security Division
A team of experienced penetration testers who’ve worked on over 100 application audits, covering areas from complex web and mobile applications, web services, infrastructure and social engineering.
We follow a structured approach in our engagements, based on the OWASP methodology. We adhere to a strict code of professional ethics.
When a website or application works with personal data, online transactions or other confidential information, the user must be able to trust that website or application.
Unfortunately, many companies fail to properly address security issues in their software development process.
Penetration testing is recommended in the final stages of the development process, before the website or application is launched. But we believe that security services should be integrated into the whole development process.
Besides penetration testing, consulting and other related services, we also offer trainings for various sets of interests and backgrounds in cybersecurity, for security enthusiasts and professionals, developers and managers.
Learn more about us through our website: cybersecurity.evozon.com
We’ve also mentioned that cyberattack tactics are evolving at a fast pace. We believe that staying ahead in cybersecurity requires continuous learning.
So, with this in mind, on November 24 Evozon Information Security Division is hosting the
OWASP Cluj-Napoca #11 meeting
The event takes place at Evozon’s HQ and features two parallel tracks:
- “Integrating security as a service in software product development” – Presentation held by Andrei Pușoiu
Security must be integrated into the development process of each application, no matter its type or purpose. This presentation addresses the needs of project managers, business analysts and other such professionals who want to learn how to do that and what benefits it will bring for their company.
- “Security testing for mobile applications” – Workshop held by Daniel Ciobanu
This workshop is a hands-on session with specific methods and tools for security enthusiasts who want to learn the ways in which a mobile application can be hacked and what are its vulnerabilities. Don’t forget to bring your laptop for this session!
Attendance is free for the entire event but, if you’d like to join us, we ask you to confirm your participation by November 23 on the OWASP Cluj-Napoca meetup group.