+965 99644047 Info@soorsecurity.com

Our Services

Know more about our services and the concepts behind them.

Penetration Testing

Let us take the role of the hackers and attack the systems to discover the holes and weak points before the real attackers do.

Web vulnerability scanning

Let’s inspect your website to check for security holes that cloud lead to an information leak or more.

Online Consulting

Tell us your problems or questions, we are here to help.

We will arrange on-line meeting (Microsoft Teams) to discuss all your problems.

 

Penetration Testing

 

Inspect your systems & network from the attacker’s point of view.
With this service, we will use the hacker’s tools and techniques to discover the weak points in your business network and systems without any harm.
The final report will include al the steps and finding in all the attack steps, then. By securing the weak points, the business information security will increase.

.

” A penetration test, colloquially known as a pen test, pentest or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system.[1][2] Not to be confused with a vulnerability assessment.[3] The test is performed to identify both weaknesses (also referred to as vulnerabilities), including the potential for unauthorized parties to gain access to the system’s features and data,[4][5] as well as strengths,[6] enabling a full risk assessment to be completed.

The process typically identifies the target systems and a particular goal, then reviews available information and undertakes various means to attain that goal. A penetration test target may be a white box (which provides background and system information) or black box (which provides only basic or no information except the company name). A gray box penetration test is a combination of the two (where limited knowledge of the target is shared with the auditor).[7] A penetration test can help determine whether a system is vulnerable to attack if the defenses were sufficient, and which defenses (if any) the test defeated ”
Wikipedia

Request service
How many IP the test will cover

Web site security scanning

Do you have a website ? How secure it is ?
We will scan your website for vulnerabilities, old forgotten pages, and other risks that can damage your business, such as Cross-site scripting, SQL Injection, Command Injection, Path Traversal and insecure server configuration.

The majority of web application attacks occur through cross-site scripting (XSS) and SQL injection attacks[2] which typically are made possible by flawed coding and failure to sanitize application inputs and outputs. These attacks are ranked in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors.[3]

According to the security vendor Cenzic, the top vulnerabilities in March 2012 include:[4]

37% Cross-site scripting
16% SQL injection
5% Path disclosure
5% Denial-of-service attack
4% Arbitrary code execution
4% Memory corruption
4% Cross-site request forgery
3% Data breach (information disclosure)
3% Arbitrary file inclusion
2% Local file inclusion
1% Remote file inclusion
1% Buffer overflow
15% Other, including code injection (PHP/JavaScript), etc.
The Open Web Application Security Project (OWASP) provides free and open resources. It is led by a non-profit called The OWASP Foundation. The OWASP Top 10 – 2017 is the published result of recent research based on comprehensive data compiled from over 40 partner organizations. From this data, approximately 2.3 million vulnerabilities were discovered across over 50,000 applications.[5] According to the OWASP Top 10 – 2017, the ten most critical web application security risks include:[6]

Injection
Broken authentication
Sensitive data exposure
XML external entities (XXE)
Broken access control
Security misconfiguration
Cross-site scripting (XSS)
Insecure deserialization
Using components with known vulnerabilities
Insufficient logging and monitoring.
Source: Wikipedia

Request service

Phishing simulation

Are your employees the weakest link ? let test their security awareness by sending them a phishing email.
Phishing simulation guards your business against social-engineering threats by training your employees to identify and report them. Cybercriminals use phishing, the fraudulent attempt to obtain sensitive information such as credit card details and login credentials, by disguising as a trustworthy organization or reputable person in an email communication. Phishing emails are also used to distribute malware and spyware through links or attachments that can steal information and perform other malicious tasks.

“Simulated phishing or a phishing test is where deceptive emails, similar to malicious emails, are sent by an organisation to their own staff to gauge their response to phishing and similar email attacks. The emails themselves are often a form of training, but such testing is normally done in conjunction with prior training; and often followed up with more training elements. This is especially the case for those who “fail” by opening email attachments, clicking on included weblinks, or entering credentials”.
Source: wikipedia

Request service
Company email
How many employees you want to receive the phishing email ?

OnLine Consultation

Let us engage and hear directly from you, and have immediate solution to your problems.

We can setup a MS Teams meeting to discuss together.

please fill the form or email us or contact us by WhatsApp or call to setup the meeting.

EMail: Info@soorsecurity.com

WhatsApp & Call: +96599644047

 

Request service

Size based on number of employees and company branches
Describe the problem facing the company or what do you expect from our services

Please Contact Us

Size based on number of employees and company branches
Describe the problem facing the company or what do you expect from our services