OUR PORTFOLIO
IT System & Service MGMT | Business intelligence | Cyber SECURITY | ERP | CRM
BUSINESS CONSULTING | SYSTEM INTEGRATION | PROJECT MANAGEMENT | SOFTWARE DEVELOPMENT | TRAINING | SUPPORT
© Würth Phoenix – December 2020 … more than software
DATA & FACTS
10.467.311.280 pwned accounts 2020
90% malware comes from email
75% of violations are caused by human error
Cybercrime will never end because it is profitable and low risk
Over 43 billion yearly spent
Threats constantly evolving
CYBER SECURITY
DEFENSIVE
EXPOSURE ASSESSMENT: One Time | SaaS | SaaS & Managed
VULNERABILITY ASSESSMENT: One Time | On-Prem
GAP ANALYSIS
SECURITY TRAINING
OFFENSIVE
PENETRATION TEST
PASSWORD AUDIT
SOCIAL ENGINEERING
RED TEAMING
DEFENSIVE
EXPOSURE ASSESSMENT One Time | SaaS | SaaS & Managed
EXPOSURE ASSESSMENT | One Time
WHAT
Verification of exposed resources: OSINT
Reproduction of the attacker's point of view
Reconnaissance phase simulation
Mitigation and remediation actions
EXPOSURE ASSESSMENT | One Time
HOW
Company inputs collection: Domain(s) | Keywords
Objects collection: Hostnames | IP addresses | Account e-mail
Research of weaknesses
Research of correlations
Creation of a detailed report
Report presentation: Remotely
EXPOSURE ASSESSMENT | One Time
WHERE
Surface Web: Google Dorks | Organization website
Deep Web: Paste Site Search | Open Bug Bounty | Brand Reputation | Social Network | Blacklisted IPs | WayBack Machine | Telegram Groups & Channels | Data Leak Forums
Dark Web: Data Breach Databases | TOR Network | Cyber Attacker Group Sites
EXPOSURE ASSESSMENT | SaaS
WHAT
Verification of exposed resources: OSINT
Reproduction of the attacker's point of view
Reconnaissance phase simulation
Mitigation and remediation actions
EXPOSURE ASSESSMENT | SaaS
HOW
Company inputs collection: Domain(s) | Keywords
Continuous objects collection: Hostnames | IP address | E-mail account
Research of weaknesses
Research of correlations
Autonomous use of SATAYO Portal: Graphs | Reports | Stats | Notifications
API for Monitoring platforms: NetEye
Notification via Telegram and e-mail
Daily report generation
EXPOSURE ASSESSMENT | SaaS
WHERE
Surface Web: Google Dorks | Organization website
Deep Web: Paste Site Search | Open Bug Bounty | Brand Reputation | Social Network | Blacklisted IPs | WayBack Machine | Telegram Groups & Channels | Data Leak Forums
Dark Web: Data Breach Databases | TOR Network | Cyber Attacker Group Sites
EXPOSURE ASSESSMENT | SaaS & Managed
WHAT
Verification of exposed resources: OSINT
Reproduction of the attacker's point of view
Reconnaissance phase simulation
Mitigation and remediation actions
EXPOSURE ASSESSMENT | SaaS & Managed
HOW
Company inputs collection: Domain(s) | Keywords
Continuous objects collection: Hostnames | IP address | E-mail account
Research of weaknesses
Research of correlations
Joint use of SATAYO Web Portal: Graphs | Reports | Stats | Notifications
API for Monitoring platform: NetEye
Analysis and solution proposal: Ticket | Phone call | E-mail
Daily report generation
EXPOSURE ASSESSMENT | SaaS & Managed
WHERE
Surface Web: Google Dorks | Organization website
Deep Web: Paste Site Search | Open Bug Bounty | Brand Reputation | Social Network | Blacklisted IPs | WayBack Machine | Telegram Groups & Channels | Data Leak Forums
Dark Web: Data Breach Databases | TOR Network | Cyber Attacker Group Sites
EXPOSURE ASSESSMENT | SaaS
DEEP & DARK WEB
SATAYO provides detected evidence (per domain) appropriately filtered on the basis of sources and keywords selected by the cyber security analysts team. (1)
(1) All members of our team are CEH (Certified Ethical Hacker) certified and are required to observe a specific code of ethics.
Ursula von der Leyen, President of the European Commission
Ursula Gertrud von der Leyen, née Albrecht, is a German politician, member of the CDU and President of the European Commission since 1 December 2019. Wikipedia
Source: https://doxbin.org/
EXPOSURE ASSESSMENT | SaaS
DATA BREACH
SATAYO is able to provide extracts of passwords and accounts used to register on services that have suffered data breaches; these are constantly updated by our cyber security analysts team.
No metric can be used with certainty to indicate how costly the data breach of a single access credential might be. The potential actions stemming from that data breach are wide-ranging and the values are calculated on the basis of the risk assessment specific to each organization.
Some examples
Unicredit (600k)
Università Campus Bio-medico di Roma (20k)
EXPOSURE ASSESSMENT | SaaS
SIMILAR DOMAINS
SATAYO is able to detect registered domains that are similar to the one used by your organization. In fact they could be potentially used to generate targeted phishing attacks (spear phishing).
xn--teslamtors-dx3e.com | teslamọtors.com
EXPOSURE ASSESSMENT | SaaS
REPOSITORY
SATAYO shows an extraction of the evidence (example: logs, config files, passwords, etc.) detected within the repositories used by the developers of the organization.
EXPOSURE ASSESSMENT | SaaS
WEAKNESSES
SATAYO shows the weaknesses detected on the organization's resources:
unmanaged social pages
poorly configured mail servers
SSL misconfigurations
management ports
insecure protocols
DEFENSIVE
VULNERABILITY ASSESSMENT One Time | On-Prem
VULNERABILITY ASSESSMENT | One Time
WHAT
Vulnerability identification
Vulnerability quantification
Vulnerability prioritization
VULNERABILITY ASSESSMENT | One Time
HOW
Scope of engagement definition: Private IP addresses | Public IP addresses
Cataloging of assets & resources
Identification of vulnerabilities for each resource
Vulnerability analysis and solution proposal
Creation of a detailed report
Report presentation: Remotely
VULNERABILITY ASSESSMENT | One Time
WHERE
Networking equipment
WiFi
Server & clients
IoT & IIoT
VULNERABILITY ASSESSMENT | On-Prem
WHAT
Vulnerability identification
Vulnerability quantification
Vulnerability prioritization
VULNERABILITY ASSESSMENT | On-Prem
HOW
Scope of engagement definition: Private IP addresses | Public IP addresses
Cataloging assets & resources
Continuous identification of vulnerabilities: For each resource
Integration of 3rd party system: Monitoring | SIEM
VULNERABILITY ASSESSMENT | On-Prem
WHERE
Networking equipment
Server & clients
IoT & IIoT
DEFENSIVE
GAP ANALYSIS
GAP ANALYSIS
WHAT
Identification of current risk controls
Identification of residual risks
GAP ANALYSIS
HOW
Interviews with the organization's key people
Use of CIS Controls™
Analysis of «AS IS»
Identification of «TO BE» set of cyber actions
Creation of a detailed report
Report presentation: Remotely
GAP ANALYSIS
WHERE
Physical interview
Remote interview
DEFENSIVE
SECURITY TRAINING
SECURITY TRAINING
WHAT
Cyber Security Essential: Tailored to the needs of the organization
Cyber Security Intermediate
Cyber Security Advanced
Exposure Analysis with OSINT
Social Engineering + ETEL game
Industrial Control System Security
SECURITY TRAINING
HOW
Classroom
Training on the job
SECURITY TRAINING
WHERE
Customer site
Würth Phoenix
Microsoft Teams
OFFENSIVE
PENETRATION TEST
PENETRATION TEST
WHAT
Exploits detected vulnerabilities
Performed according to standard methodology
PENETRATION TEST
HOW
Vulnerability Assessment
Research on vulnerability exploitation: NIST Methodology
Exploit
Creation of a detailed report
Report Presentation
PENETRATION TEST
WHERE
Networking equipment
WiFi
Server & clients
IoT & IIoT
Web services
Web applications
Mobile applications
OFFENSIVE
PASSWORD AUDIT
PASSWORD AUDIT
WHAT
Dictionary attack
Rainbow Table attack
Brute Force attack
Hybrid attack
PASSWORD AUDIT
HOW
Company inputs collection: Password hashes
Cracking execution: One method | Multi method
Creation of a detailed report
Report presentation: Remotely
PASSWORD AUDIT
WHERE
Active Directory
Database
WiFi
OFFENSIVE
SOCIAL ENGINEERING
SOCIAL ENGINEERING
WHAT
Exploitation of the human factor
SOCIAL ENGINEERING
HOW
Choice of Attack Vector(s): Phishing | Dumpster diving | Evil Twin | Impersonation | Baiting | Vishing | Lockpicking
Info gathering: OSINT
Attack simulation
Creation of a detailed report
Report presentation
SOCIAL ENGINEERING
WHERE
Employees
Top management
Key people
OFFENSIVE
RED TEAMING
RED TEAMING
WHAT
Multi-layered attack simulation
Test of the organization's detection and response capabilities
Focuses on the objectives rather than on the methods used
RED TEAMING
HOW
Info gathering: OSINT
Identification of weaknesses
Attack simulation
Creation of a detailed report
Report presentation: Remotely
RED TEAMING
WHERE
All organizational resources
THE RIGHT SERVICE
INCREASING AWARENESS (PEOPLE): SECURITY TRAINING | SOCIAL ENGINEERING | PASSWORD AUDIT
POSTURE COMPLIANCY (PROCESS): GAP ANALYSIS
SECURITY IMPROVEMENT (IT SERVICES): VULNERABILITY ASSESSMENT | PENETRATION TEST
INCIDENT DETECTION RESPONSE CAPABILITY (ORGANIZATION): EXPOSURE ASSESSMENT | RED TEAMING