Audit & Pentest
Through audit, penetration testing and red team services, we assess the exposure of your tertiary and industrial IS and IoT/embedded equipment to a cyber security attack.
To provide guarantees and consolidate the trust that our clients place in us, Alter Solutions has implemented a labelling and certification process for our services and resources.
In particular, Alter Solutions uses PASSI qualification for all of our scopes: organizational and physical audit, architectural audit, configuration audit, code audit and penetration test.
This qualification ensures, for example, that our clients can rely on the high level of expertise of our auditors, as well as a robust and tested audit process.
Which services will provide the best assessment of your security?

Organisational audit
Our auditors assess how well the security of your information systems is managed in relation to the reference standards, your internal and sector-specific reference standards and your operational risks.

Architecture audit
Our experts assess the technical and organisational security measures of your information systems in relation to security requirements concerning availability, integrity, confidentiality and traceability, while considering the threats that the system in question will be exposed to.

Configuration audit
Our auditors test the implemented security configurations against internal policies and reference standards.

Code audit
Our experts evaluate your web applications, mass-market clients and smart contracts through industrialised static analysis, a human code review and a dynamic approach.

Pentest
Working within a perimeter agreed with the client, our pentesters proceed in the same way as an attacker would. They can simulate attacks from outside and/or inside your network, or target specific systems and equipment. They help you to define scenarios and select the approaches (black box, grey box and white box) that will provide the best response to your security objectives.

RedTeam
Our most experienced penetrators simulate and sequence a full-scale advanced attack on your business, from stealing information to recovering confidential documents or accessing critical features, as well as exploiting technical or human weaknesses. This service will challenge your security incident detection and response teams.

Blockchain & Web3 security
Discover our expertise in securing smart contracts and blockchain infrastructures.
The scope of our services covers:
IT
- Infrastructure: datacentre, corporate networks, public and private cloud
- Systems: servers, virtualisation, hypervision, orchestration and containerisation
- Telecoms and VoIP
- Wi-Fi networks
- Desktop and mobile devices (Windows, Linux, Android, iOS and specific)
- Web, native and mobile applications, hosted on-premise or with cloud providers
OT
- Industrial control systems (ICS)
- SCADA systems
- Programmable Logic Controllers (PLC)
- Distributed Control Systems (DCS)
- Safety Instrumented Systems (SIS)
- Miscellaneous embedded systems
IoT
- Cloud IT infrastructure, web interfaces / APIs
- Mobile applications
- Communications (NFC/RFID, BT/BLE, UMTS/LTE, WI-FI, etc.)
- Updating systems
- Firmware
- Physical interfaces (USB, JTAG, SD, etc.)
- Hardware
Our experts are certified
Why choose Alter?
Trust
To provide guarantees and consolidate the trust that our clients place in us, Alter Solutions has implemented a labelling process for our services and resources. RGS (General security baseline) PASSI (IS security audit services provider) qualification is the first milestone in this strategy.
Expertise
Developing and maintaining a high level of expertise is one of our main objectives. We are fostering communities of in-house experts that complement Alter Solutions’ cybersecurity services. In addition to our intelligence and innovation budget, we train and certify our consultants and auditors with the best cybersecurity organisations.
Local presence
We operate in 11 countries, so we are always on hand to assist you, with project and assignment management in your own language if needed, by supplying the skills and resources of all our European teams.