Cyber Security Audits

We analize your cyber security level in order to evaluate the current state of the web pages, computer systems and networks as well as identify vulnerabilities to get rid of them so that information leakage is avoided, so are service interruptions. To accomplish it, we offer you the following audit types:

  • Internal Audits: Servidores, servicios, sistemas operativos, mediante metodologías OSSTMM y OSCP.
  • External Audits: web, email, VPN, CMS, cloud, mediante metodologías OWASP y OSCP.
  • Auditorías redes Wifi: cobertura, cifrado, autenticación, redes no autorizadas… mediante metodología OWISAM.
  • Auditorías de grado de madurez: Revisión y comprobación de los aspectos en materia de seguridad que debe implantar una empresa.

Consultancy and normative complience

We carry out implementation consultancies and normative compliance audits for information security and business continuity.

To do so, we follow a cyber security certification process based on the main security standards:

  • National Security Scheme (ENS).
  • ISO 27001 information security management system.
  • ISO 22301 business continuity.
  • LOPD and new european data protection regulation.
  • PCI-DSS Standard.

Incident response

Our team of cyber security specialized technicians is in constant upgrade about the last technologies and standars of the sector. They will be part of your team during the tasks of detection, analysis, elimination and prevention against suffered attacks:

  • Minimize impact before an attack: for example, actions to recover data before an attack hard disk encryption.
  • Estimate the scope of the attack and its total elimination: For example, a virus that has entered the company network.
  • Collect the necessary evidence to proceed to report it.
  • Consulting to implement measures so that it does not happen again.


Many cyberattacks are based on social engineering techniques, and it happens that employees and managers may be the weakest link in the security of your company.

One of our main objectives is that employees assume the security of your company's data as another aspect of their work, as well as reinforce the knowledge and practices in cybersecurity of IT personnel:

  • Custom training for your company, in any aspect of security (normative complient, technic). Directed to the personnel with IT responsabilities in the company / agency.
  • Awareness for managers: 2-hour talks explaining the main attacks that a manager can suffer and how to defend themselves.
  • General awareness for the whole company / agency personnel on security matter.

Expertise and Expert Reports.

En ocasiones es necesario conocer o resolver conflictos o fraudes de los diferentes tipos de servicios, delitos y estafas informáticas. Nuestros expertos en peritaje judicial tecnológico elaboran informes periciales y asisten a juicios de temas administrativos, mercantiles, laborales o penales:

  • Interpretation of IT services contracts.
  • Normative and relation with institutions.
  • Technical reports from any kind.
  • Unfair Employees.
  • Computer attacks.
  • Extortion in social networks.

Digital forensic analysis.

When a cyberattack happens, it is necessary to know what information has been compromised and the damage caused.

The digital forensic analysis collects all possible evidence of the attack by applying techniques that identify, retrieve, preserve, analyze and present valuable information:

  • Data acquisition.
  • Analysis and research.
  • Report writing.