Cyber threats are becoming increasingly sophisticated and safeguarding the company from dangerous events and attacks is now essential. The Secure Group security intelligence services allow to prevent, diagnose and analyse attacks in order not to sacrifice business and corporate growth.


By constantly monitoring the Cyberspace (Underground, Crime Servers and Open Sources information), through proprietary tools, you get timely, high quality information and insights that can be used to protect the company and its business not only from possible attacks but also from operations that can damage their image (Digital Identity Abuse and Online Fraud)Botnets and C&C

  • Targeted Malware
  • Credit Card Theft
  • Rogue Mobile App
  • Hactivism
  • Data Leakage
  • Phishing & Cybersquatting
  • Brand Abuse
  • Threat Intelligence Feed


On the basis of the OWASP and ISECOM directives, the security level of all IT components is measured in order to determine the threats present and prepare the actions useful to mitigate their effects.

  • Network auditing
  • Ethical hacking
  • Web application testing
  • Penetration testing
  • Mobile application testing
  • Code review
  • IBM z/OS security testing
  • IBM iSeries security testing
  • SAP security testing
  • PCI DSS security testing
  • Social Engineering
  • Brand Reputation attack
  • Top management attack (C*O)


When an incident occurs, it is important to understand how it could have happened, what damage it has caused and what the consequences may be.

  • Computer Forensics
  • Live analysis
  • Information retrieval
  • Deleted media analysis
  • APT / Malware analysis
  • Incident Response
  • Network Forensics
  • Virtual Forensics
  • Cloud Forensics
  • Data leakage

Security Assessment

The security assessment service is one of the essential audit components of the corporate cyber security. It consists of activities useful for identifying the degree of vulnerability of the analysed IT environment, verifying the technical / architectural correctness of the computer network analysed and establishing whether external or internal factors could compromise corporate security. This process is mainly based on three intervention methods:


The detection of the services provided, the fingerprinting of the operating systems adopted and the analysis of all known vulnerabilities (applications, systems, equipment, configuration, etc.). In this phase different tools are used (for example: Tenable-Nessus, Nexpose, Qualys, NCircle, AppScan, etc.) to control the 26,000 vulnerabilities present in the various constantly evolving global databases (CVE, CWE, CCE, Bugtraq, OSVDB etc.). In this phase it is important to use different types of tools (commercial and non-commercial) in order to identify the maximum number of known vulnerabilities.


Starting from the results of the Vulnerability Assessment, every single vulnerability is tested and exploited for intrusive purposes, through Penetration Test tools (for example: MetaSploit, Predator, Saint, etc.) that test all known exploits in order to test their effectiveness. In some cases, where the vulnerabilities could cause service interruption (Denial of Service), it is preferable to agree with the client on the possible implementation of such attempts.


Where exploits or misconfigurations are successful, we proceed with an escalation activity in search of new resources to exploit (Pivoting) or information to be captured. This phase is a real challenge, carried out with the experience of Secure Group Security Engineers who simulate the activity of a hacker. If the intrusion is successful, it is possible to repeat the analysis starting from the second phase, with a view to new resources discovered.