Audit & Pentest
Through audit, penetration testing and red team services, we assess the exposure of your tertiary and industrial IS and IoT/embedded equipment to a cyber security attack.
To provide guarantees and consolidate the trust that our clients place in us, Alter Solutions has implemented a labelling and certification process for our services and resources.
In particular, Alter Solutions uses PASSI qualification for all of our scopes: organizational and physical audit, architectural audit, configuration audit, code audit and penetration test.
This qualification ensures, for example, that our clients can rely on the high level of expertise of our auditors, as well as a robust and tested audit process.
Which services will provide the best assessment of your security?
Our auditors assess how well the security of your information systems is managed in relation to the reference standards, your internal and sector-specific reference standards and your operational risks.
Our experts assess the technical and organisational security measures of your information systems in relation to security requirements concerning availability, integrity, confidentiality and traceability, while considering the threats that the system in question will be exposed to.
Our auditors test the implemented security configurations against internal policies and reference standards.
Our experts evaluate your web applications, mass-market clients and smart contracts through industrialised static analysis, a human code review and a dynamic approach.
Working within a perimeter agreed with the client, our pentesters proceed in the same way as an attacker would. They can simulate attacks from outside and/or inside your network, or target specific systems and equipment. They help you to define scenarios and select the approaches (black box, grey box and white box) that will provide the best response to your security objectives.
Our most experienced penetrators simulate and sequence a full-scale advanced attack on your business, from stealing information to recovering confidential documents or accessing critical features, as well as exploiting technical or human weaknesses. This service will challenge your security incident detection and response teams.
Blockchain & Web3 security
Discover our expertise in securing smart contracts and blockchain infrastructures.