MME Company Presentation
Upcoming SlideShare
Loading in...5
×
 

MME Company Presentation

on

  • 165 views

MMEs company presentation.

MMEs company presentation.
MME is specialized in Security Audits, Penetration Testing, Vulnerability Assessment and InfoSec Training.

Statistics

Views

Total Views
165
Views on SlideShare
163
Embed Views
2

Actions

Likes
0
Downloads
1
Comments
0

1 Embed 2

http://www.slideee.com 2

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

MME Company Presentation MME Company Presentation Presentation Transcript

  • © 2014 MME BVBA, all rights reserved. | IT Audits & SecurityMME Company Presentation
  • © 2014 MME BVBA, all rights reserved. Company Presentation  About us  Security Audits  Security Training  Security Software  References  Contact us
  • © 2014 MME BVBA, all rights reserved. Company Presentation  About us  Security Audits  Security Training  Security Software  References  Contact us
  • © 2014 MME BVBA, all rights reserved. About us  MME BVBA, founded in 2010  Specialized in security audits and training  Objective approach, vendor independent  Our focus is to advise and to educate  We are not selling any products! | ITAudits&SecurityMME
  • © 2014 MME BVBA, all rights reserved. About us  Malik Mesellem - Founder and CEO  Over 15 years of experience as an IT professional  Worked as a Systems Engineer, Developer, IT Manager  Passion for Ethical Hacking and Penetration Testing  Obsessed with Windows and web application (in)security
  • © 2014 MME BVBA, all rights reserved. About us  Malik Mesellem - Certifications  GIAC GPEN  EC-Council CEH  MCSE Security, MCSA Security, MCITP, MCT  CompTIA Security+, Network+, A+  Vasco VCE/VCT  Citrix CCA
  • © 2014 MME BVBA, all rights reserved. About us  Malik Mesellem - Honors  Guest Professor HOWEST ‘Computer & Cyber Crime Professional’ (bachelor)  Guest Speaker at conferences ECSA, Infosecurity, SANS 2014, B-Sides Orlando, TDIS,...  OWASP ZAP Evangelist / SANS Mentor Belgium Zed Attack Proxy / Network Pentesting & Ethical Hacking  Security Trainer Belgacom JCA, Global Knowledge, Syntra, Escala,...
  • © 2014 MME BVBA, all rights reserved. About us  Malik Mesellem - Projects  Vulnerability Researcher CVE: 2013-4890, MS RDP Pass-the-Hash  bWAPP - ‘a buggy web application’ Open source deliberately insecure web application. Helps security enthusiasts and students to discover and to prevent web vulnerabilities (10.000+ downloads)
  • © 2014 MME BVBA, all rights reserved. About us  Diversity of security services  Security Audits  Security Training  Security Software  Malware Analysis  Design & Configuration  Server Hardening  Source Code Review
  • © 2014 MME BVBA, all rights reserved. Company Presentation  About us  Security Audits  Security Training  Security Software  References  Contact us
  • © 2014 MME BVBA, all rights reserved. Security Audits  We offer a wide range of security audits  Vulnerability Assessment  Network Penetration Testing  Web Application Penetration Testing  Active Directory and Password Audits  Malware Analysis and Botnet Detection  Wireless Security Surveys  Configuration Reviews  DoS and Stress Testing
  • © 2014 MME BVBA, all rights reserved. Security Audits  Every audit starts with a risk analysis  Critical assets are defined  Threats regarding these assets are analyzed  Audit checkpoints are based on those threats  A risk level is calculated for each checkpoint
  • © 2014 MME BVBA, all rights reserved.  The risk level is determined using the following calculation: Risk Level = Impact x Probability Security Audits
  • © 2014 MME BVBA, all rights reserved. Security Audits  Penetration testing identifies and exploits vulnerabilities that may exist within the infrastructure  Ethical hacking techniques are used ‘Like a hacker, but from an ethical point of view’  Advantages +++  Confirms potential vulnerabilities by excluding false positives  Protects the network against intruders and malicious software  Guarantees that your defense measures are working effectively  Provides a higher availability, and maps the environment
  • © 2014 MME BVBA, all rights reserved. Security Audits  Web application penetration testing is focusing on evaluating the security of a web application  The application is tested for known vulnerabilities  Automatic, semi-automatic as well as manual tests  Different commercial ‘state-of-art’ vulnerability scanners  To exclude false positives, all results are manually verified!  Official OWASP methodology  Based on the OWASP Top 10 Project (more)
  • © 2014 MME BVBA, all rights reserved. Security Audits  Some checkpoints in our web app penetration testing  Injections (HTML, SQL, XML, LDAP,...)  CSRF or Cross-Site Request Forgery  XSS or Cross-Site Scripting  Parameter Modification  Security Misconfiguration  Session Management  Broken Authentication  Sensitive Data Exposure
  • © 2014 MME BVBA, all rights reserved.  Our Heartbeat Scan is a complete security audit  All critical and vital parts are scanned and analyzed  Potential threats and vulnerabilities are identified  Spread over several days, for a fixed price  Comprehensive checkpoints  A risk level is calculated for each check Security Audits
  • © 2014 MME BVBA, all rights reserved. Security Audits  Checkpoints in our Heartbeat Scan  Vulnerability Assessment  Internal and External Penetration Test  Active Directory Review and Password Audit  Software Updates Compliance Check  Business Continuity - Disaster Recovery Check  Firewall Configuration Review  Wireless Security Survey  Endpoint and Malware Check
  • © 2014 MME BVBA, all rights reserved. Security Audits  Optional checkpoints in the Hearbeat Scan  Web Application Penetration Test  Malware Analysis and Botnet Detection  Social Engineering Test  Source Code Analysis
  • © 2014 MME BVBA, all rights reserved. Security Audits
  • © 2014 MME BVBA, all rights reserved. Security Audits
  • © 2014 MME BVBA, all rights reserved. Security Audits
  • © 2014 MME BVBA, all rights reserved. Security Audits
  • © 2014 MME BVBA, all rights reserved. Security Audits  The report is a very important aspect  Also made with an objective approach  Understandable, not auto-generated!  Comprehensive, it includes  Management and technical part  List of potential investments  Detailed findings and advice  Customized action plan
  • © 2014 MME BVBA, all rights reserved. Company Presentation  About us  Security Audits  Security Training  Security Software  References  Contact us
  • © 2014 MME BVBA, all rights reserved. Security Training  Unique security courses, seminars, and workshops  Ethical Hacking Basics (pdf)  Ethical Hacking Advanced (pdf)  Attacking & Defending Web Apps with bWAPP (pdf)  Plant the Flags with bWAPP (pdf)  What is bWAPP? (pdf)  Windows Server 2012 Security (pdf)  IT Security BOOTCAMP
  • © 2014 MME BVBA, all rights reserved. Security Training
  • © 2014 MME BVBA, all rights reserved. Company Presentation  About us  Security Audits  Security Training  Security Software  References  Contact us
  • © 2014 MME BVBA, all rights reserved. References  We have realized successful projects with companies in every sector of industry  Colleges and training institutes  Flemish and federal government  Healthcare and retail sector  ICT companies and telecom operators  Investment and financial companies  Non-profit organizations  Stock listed companies
  • © 2014 MME BVBA, all rights reserved. Company Presentation  About us  Security Audits  Security Training  Security Software  References  Contact us
  • © 2014 MME BVBA, all rights reserved. Contact us  MME BVBA - Malik Mesellem Email | info@mmeit.be LinkedIn | be.linkedin.com/in/malikmesellem Twitter | twitter.com/MME_IT Blog | itsecgames.blogspot.com
  • © 2014 MME BVBA, all rights reserved. Contact us  Follow MME on Twitter  Receive info on the latest security news  Take advantage of discounts on our courses  Join our free online security challenges  Stay updated on bWAPP @MME_IT #bWAPP #itsecgames