Cybersecurity

Cybersecurity: the foundation of trust required for your digital transformation

 

Our mission is to provide solutions and trusted services to the most exposed public and private actors, to ensure the resilience of their critical systems and protect their sensitive information assets. Our teams support you throughout the entire security lifecycle, from prevention to protection and detection-reaction.

Our tailor-made approach is adapted to your context and your technological and budgetary constraints, around a service model that combines proximity and industrialization. At the heart of cybersecurity and crisis management, the quality, proximity and durability of the relationship of trust with our customers is fundamental. Listening to your specific needs and the initiatives of our experts, we are constantly improving in order to provide you with highperformance and, if necessary, creative solutions!


 

A WIDE NETWORK OF EXPERTS: +1000 IN EUROPE

A NEW GENERATION OF CYBER CENTRES IN EUROPE

15 COUNTRIES COVERED BY AN INTERNATIONAL LOCAL NETWORK


Trusted services over the entire lifecycle of information system security.


Our team of consultants, experts and analysts support your project through the key stages of cybersecurity, from the definition of your security strategy, to daily monitoring and interaction operations. Their mission: to guarantee the resilience of your IS in real time and protect your information assets.

 

 

Learn more

 

 

Our latest blog articles

| Karim Azer-Nessim

Navigating the cybersecurity terrain: insights and strategies

| Bridget Cosgrave

Europe 2030: a digital powerhouse?

| Francois Gilles

Gartner’s top 10 strategic technology trends for 2024: it’s (almost) all about AI

 

 

News

Penetration Testing - Offer

Mar 12, 2020, 10:43 AM
Title* : Penetration Testing - Offer

A risk based approach

Sopra Steria follows a Risk Based Approach that reveals business risks and not just technical vulnerabilities. Our security experts understand the business process and deliver valuable results based on real scenarios. Different risk rating methodologies (CVSS, OWASP) are used based on company specific factors.

The different penetration tests scenarios 

  • Internal testing: to simulate the damage a disgruntled employee could do on your systems.
  • External testing: to simulate an outside hacker attacking your public facing infrastructure.
  • White box testing: the tester has been provided with some information regarding the target network before starting work.
  • Black Box / Blind testing: the tester has been provided with very limited data or none before the test procedure takes place.
  • Double blind testing: the company’s blue team is unaware of the attack and its response capabilities are tested.

Methodologies

  • OWASP (Testing Guide, Risk Rating, Top 10, ASVS)
  • CVSS
  • CWE/SANS TOP 25 Most Dangerous Software Errors
  • Penetration Open Source Security Testing Methodology Manual (OSSTMM)
  • Testing Execution Standard (PTES)

Penetration Testing

Sopra Steria takes the time to understand your business needs and think like a real attacker. This allows us to gain a holistic business overview, as well as a technical point of view. We will first identify the weakest link that may cause a severe impact to the organization, and then escalate to gain privileged access to information or systems. Our services are based on a hybrid approach composed of automated and manual tests. Tests will be conducted in a controlled and safe manner. For successful exploited vulnerabilities, our penetration testing experts will attempt further actions to increase their presence and gain elevated privileges.

Tags :
SS_pen-test

 

 

Publications

Penetration Testing - Offer

Mar 12, 2020, 10:43 AM
Title* : Penetration Testing - Offer

A risk based approach

Sopra Steria follows a Risk Based Approach that reveals business risks and not just technical vulnerabilities. Our security experts understand the business process and deliver valuable results based on real scenarios. Different risk rating methodologies (CVSS, OWASP) are used based on company specific factors.

The different penetration tests scenarios 

  • Internal testing: to simulate the damage a disgruntled employee could do on your systems.
  • External testing: to simulate an outside hacker attacking your public facing infrastructure.
  • White box testing: the tester has been provided with some information regarding the target network before starting work.
  • Black Box / Blind testing: the tester has been provided with very limited data or none before the test procedure takes place.
  • Double blind testing: the company’s blue team is unaware of the attack and its response capabilities are tested.

Methodologies

  • OWASP (Testing Guide, Risk Rating, Top 10, ASVS)
  • CVSS
  • CWE/SANS TOP 25 Most Dangerous Software Errors
  • Penetration Open Source Security Testing Methodology Manual (OSSTMM)
  • Testing Execution Standard (PTES)

Penetration Testing

Sopra Steria takes the time to understand your business needs and think like a real attacker. This allows us to gain a holistic business overview, as well as a technical point of view. We will first identify the weakest link that may cause a severe impact to the organization, and then escalate to gain privileged access to information or systems. Our services are based on a hybrid approach composed of automated and manual tests. Tests will be conducted in a controlled and safe manner. For successful exploited vulnerabilities, our penetration testing experts will attempt further actions to increase their presence and gain elevated privileges.

Tags :
SS_pen-test

Contact our experts