A solid security posture requires insatiable curiosity and unrelenting desire to understand how a technology stack work at the core. This demands a versatile skill set, attention to detail, exploring, and questioning attributes. Qualities needed to identify vulnerabilities one step ahead from potential intruders. At Sorint, we’ve brough together a team of the finest in the field of cybersecurity to ensure that our client’s IT infrastructure stands as secure as possible.
Digital Technology Service
Digital Technology Service
Cybersecurity attacks in numbers
Organizations of all sizes are target.
The technique emphases the need of internal staff training.
Cost of ransomware could lead to financial distress or bankruptcy in some cases.
$265 billion by 2031
Highlights the importance of customer’s data.
Covid 19’s work from home initiative opened doors for more security vulnerabilities.
Over the last 3 years. The average cost of cyberattacks increased 42%.
Indicated more security vulnerabilities and measures.
Due to the severe impacts that could emerge.
Respondents of a study held 86% responsible to c-level management.
Cybersecurity attacks in numbers
Organizations of all sizes are target
The technique emphases the need of internal staff training.
Cost of ransomware could lead to financial distress or bankruptcy in some cases.
$265 billion by 2031
Highlights the importance of customer’s data.
Covid 19’s work from home initiative opened doors for more security vulnerabilities.
Over the last 3 years. The average cost of cyberattacks increased 42%.
Indicated more security vulnerabilities and measures.
Due to the severe impacts that could emerge.
Respondents of a study held 86% responsible to c-level management.
Relationship lies in their shared goals
Relationship lies in their shared goals
High-level overview
High-level overview
Monitoring and detecting – The make it model
Identifying, evaluating, and understanding potential threats on infrastructure, systems, network, data, and running apps.
Deeper understanding of the potential risks, domain, and characteristic.
Threat Intelligence (CTI) platforms Malware analysis tools
All proactive activities to mitigate potential risks and solidifying the security posture.
EDR, firewalls, multi-factor authentication systems, data encryption systems
Regular monitoring of IT infrastructure
Intrusion Detection Systems (IDS)
Intrusion Prevention Systems (IPS)
Security Event Management Systems (SIEM)
Application Firewalls (WAF)
Cloud and Containers Security
Smooth flow of communication between all stakeholders
Security case management platforms (Ticketing tools),
Document management systems.
Protocols designed to effectively manage and reduce the impact of /prevent security incidents as they happen.
Incident response systems
Incident orchestration platforms (SOAR).
Reporting tools and documentation practices.
Continues support in all security related matter.
Ensure stakeholders are aware of the fundamentals/protocols.
Knowledge management systems
Online training tools
Monitoring and detecting – The make it model
Identifying, evaluating, and understanding potential threats on infrastructure, systems, network, data, and running apps.
Deeper understanding of the potential risks, domain, and characteristic.
Threat Intelligence (CTI) platforms Malware analysis tools
All proactive activities to mitigate potential risks and solidifying the security posture.
EDR, firewalls, multi-factor authentication systems, data encryption systems
Regular monitoring of IT infrastructure
Intrusion Detection Systems (IDS)
Intrusion Prevention Systems (IPS)
Security Event Management Systems (SIEM)
Application Firewalls (WAF)
Cloud and Containers Security
Smooth flow of communication between all stakeholders
Security case management platforms (Ticketing tools),
Document management systems.
Protocols designed to effectively manage and reduce the impact of /prevent security incidents as they happen.
Incident response systems
Incident orchestration platforms (SOAR).
Reporting tools and documentation practices.
Continues support in all security related matter.
Ensure stakeholders are aware of the fundamentals/protocols.
Knowledge management systems
Online training tools
Penetration – The make it model
Staying ahead of emerging threats and outpacing intrusion attempts
Penetration – The make it model
Staying ahead of emerging threats and outpacing intrusion attempts
Mastering cybersecurity since mid-1990s
Dedicated sircles targeting various areas of security
Legend team in the field
Training hours
Fully handling security activities of prominent entities, in various industries, in Europe, US, and Africa.
Community support & developed various open-source security related tools
24x7x365 days support
Highest field accreditation
Hands-on tools experience and accreditation
Mastering cybersecurity since mid-1990s
Dedicated sircles targeting various areas of security
Legend team in the field
Training hours
24x7x365 days support
Highest field accreditation
Hands-on tools experience and accreditation
Community support & developed various open-source security related tools
Fully handling security activities of prominent entities, in various industries, in Europe, US, and Africa.
Cyber Security Analysts | Incident Responder | SecOps Specialist
+10 years of experience in network & cyber security. Cyber security enthusiast
Reverse Engineer, Incident Responder, Opensource Developer and Contributor
CTF player, trainer, conferences regular speaker at DEFCON, Insomni’hack, Nullcon
Application Security Consultant
+7 years of experience in the security field. CTF player, bug hunter and cyber security enthusiast.
Sircle (departments) involved
Cyber Security Analysts | Incident Responder | SecOps Specialist
+10 years of experience in network & cyber security. Cyber security enthusiast
Application Security Consultant
+7 years of experience in the security field. CTF player, bug hunter and cyber security enthusiast.
Reverse Engineer, Incident Responder, Opensource Developer and Contributor
CTF player, trainer, conferences regular speaker at DEFCON, Insomni’hack, Nullcon
Sircle (departments) involved
From technology/vendor, skill levels, IT domains/specialization, to vender-neutral certifications
ISO 27001 | ISO 20000-1 | ISO 9001 | ITIL
| 3CX |
| 6sigma |
| Aerohive |
| Aerohive Networks |
| Alison |
| ALTARO |
| Amazon |
| AMPG International |
| APMG |
| Apple |
| Aruba |
| AXELOS |
| Barracuda |
| BIT |
| Blue Team |
| BMC |
| Brocade |
| Business Objects |
| CEPIS |
| CertProf |
| Check Point |
| Cisco |
| Citrix |
| Cloud Champion |
| Cloudera |
| Cobit |
| COMMVAULT |
| Company Tutor |
| Compaq |
| CompTIA |
| CROSSNOVA |
| CSSC |
| Cyberark |
| D-LINK |
| Databricks Academy |
| DataCore |
| DELL EMC |
| Devops Institute |
| Dynatrace |
| Ec-Council |
| ECDL |
| Edx |
| eipass |
| Elastic |
| eLearnSecurity |
| EMC |
| EnterpriseDB |
| enVision |
| EUCIP |
| EXIN |
| Extreme Networks |
| F5 |
| FacilityLive |
| FinOps Foundation |
| FireEye |
| ForeScout |
| FORTINET |
| GIAC |
| GitLAB |
| Google Cloud |
| Google Play Academy |
| HashiCorp |
| Hazelcast |
| Hitachi |
| HP |
| Huawei |
| IBM |
| Infoblox |
| INIM Eletronics |
| Istituto Italiano di Project Management |
| ISTQB |
| Juniper |
| Konnex |
| Lacework |
| LibraEsva |
| Linux Foundation |
| Linux Professional Institute |
| MariaDB |
| Meru |
| MIA-PLATFORM |
| Microsoft |
| MikroTik |
| MongoDB |
| Neo4j |
| NetApp |
| Netscreen |
| Netskope |
| Netwitness |
| NETWRIX |
| Novell |
| NUTANIX |
| ObserveIT |
| Offensive Security |
| OpenSecurityTraining2 |
| ORACLE |
| Palo Alto |
| People Cert |
| PMI |
| Qualys |
| Rancher Academy |
| Red Hat |
| Reevo Cloud Academy |
| Reuters |
| SCP |
| Scrum Alliance |
| Scrum.org |
| ScrumStudy |
| SonicWall |
| SOPHOS |
| Splunk |
| Stormagic |
| Sun |
| SUSE |
| Symantec |
| TERADATA |
| Toshiba |
| Trend Micro |
| Triton |
| Veeam |
| Vendor |
| Veritas |
| VMware |
| WatchGuard |
| WatchGuardONE |
| WEBROOT University |
| ZERTO |
| ZyXEL |
Areas and field of focus
360 view around the clock
SOC activities
In-depth analysis of project posture, team awareness, and a customized going forward strategy.
Processes, methodologies, tools, & workshops
Executing, reporting, and consultation.
Might include handling reported issues.
Cybersecurity governance
Areas and field of focus
360 view around the clock
SOC activities
In-depth analysis of project posture, team awareness, and a customized going forward strategy.
Processes, methodologies, tools, & workshops
Executing, reporting, and consultation.
Might include handling reported issues.
Cybersecurity governance
Delivered by: SORINTians
EDR Solution, Design, & Implementation for All Endpoints
Find, configure, and deploy an EDR (Endpoint Detection & Response) tool. For hundreds of thousands of endpoints.
Investigation phase focused deeply on analysing client’s
infrastructure & evaluating possible relevant tools.
Resulting in a group of POCs and tests. Along with a clear
deployment proposal.
After the tool selection phase. The deployment phase included activities such as:
Activities aiming to provide real-time visibility of the detected threats and isolating them from the network. Providing accurate analysis.
Result & delivery
Implementation and Management of a SIEM Solution
A SIEM tool able to:
Evaluating client’s SOC and NOC workflow during the
tool selection phase. Closely aligning with client’s internal team.
Following the evaluation process and the agreement on the proposal submitted. SIEM Elastic was the go-to- choice due to the capability of being a modular/unified, scalable, and on top, being an open-source solution. Importantly, allowing SOC analysts to conduct swiftly analytical security events. Furthermore, the implementation phase carried out activities like:
Result & delivery
Within the agreed timeframes, a high-quality software product that fully complied to all pre-planned requirements. E.g.
Black-box Penetration Testing – WP extension
While carrying out penetration test activities to a client’s web solution. Our security team were able to detect a critical XSS bug for the extension WP-Optimize (+1 million active installation). Developed by Team UpdraftPlus. A well-known WordPress plugin.
The bug was documented & reported to the providers.
As a summary, the challenge was complicated to proof. It required tools/extensions (WPScan, WordFence Security, and others) several attempts, injecting payloads, probing the search function using Burp Intruder as an attack type, plus refining the tactics of the attacks. After few attempts, we were able to get the XSS-reflected payload.
The team was able to analyse how the WebP-Conversion option causes a flow during the process of converting HTML entities to the reserved HTML characters. Clearly an issue. Attackers can inject malicious input encoded using HTML entities and str_get_html function. The function will convert it back to actual HTML tags, where the browser will be able to render it. Bypassing Wordfence filtering, which happens before the str_get_html function.
Result & delivery
Delivered by: SORINTians
EDR Solution, Design, & Implementation for All Endpoints
Find, configure, and deploy an EDR (Endpoint Detection & Response) tool. For hundreds of thousands of endpoints.
Investigation phase focused deeply on analysing client’s
infrastructure & evaluating possible relevant tools.
Resulting in a group of POCs and tests. Along with a clear
deployment proposal.
After the tool selection phase. The deployment phase included activities such as:
Activities aiming to provide real-time visibility of the detected threats and isolating them from the network. Providing accurate analysis.
Result & delivery
Implementation and Management of a SIEM Solution
A SIEM tool able to:
Evaluating client’s SOC and NOC workflow during the
tool selection phase. Closely aligning with client’s internal team.
Following the evaluation process and the agreement on the proposal submitted. SIEM Elastic was the go-to- choice due to the capability of being a modular/unified, scalable, and on top, being an open-source solution. Importantly, allowing SOC analysts to conduct swiftly analytical security events. Furthermore, the implementation phase carried out activities like:
Result & delivery
Within the agreed timeframes, a high-quality software product that fully complied to all pre-planned requirements. E.g.
Black-box Penetration Testing – WP extension
While carrying out penetration test activities to a client’s web solution. Our security team were able to detect a critical XSS bug for the extension WP-Optimize (+1 million active installation). Developed by Team UpdraftPlus. A well-known WordPress plugin.
The bug was documented & reported to the providers.
As a summary, the challenge was complicated to proof. It required tools/extensions (WPScan, WordFence Security, and others) several attempts, injecting payloads, probing the search function using Burp Intruder as an attack type, plus refining the tactics of the attacks. After few attempts, we were able to get the XSS-reflected payload.
The team was able to analyse how the WebP-Conversion option causes a flow during the process of converting HTML entities to the reserved HTML characters. Clearly an issue. Attackers can inject malicious input encoded using HTML entities and str_get_html function. The function will convert it back to actual HTML tags, where the browser will be able to render it. Bypassing Wordfence filtering, which happens before the str_get_html function.
Result & delivery
