MME Company Presentation

434 views
336 views

Published on

MMEs company presentation.
MME is specialized in Security Audits, Penetration Testing, Vulnerability Assessment and InfoSec Training.

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
434
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

MME Company Presentation

  1. 1. © 2014 MME BVBA, all rights reserved. | IT Audits & SecurityMME Company Presentation
  2. 2. © 2014 MME BVBA, all rights reserved. Company Presentation  About us  Security Audits  Security Training  Security Software  References  Contact us
  3. 3. © 2014 MME BVBA, all rights reserved. Company Presentation  About us  Security Audits  Security Training  Security Software  References  Contact us
  4. 4. © 2014 MME BVBA, all rights reserved. About us  MME BVBA, founded in 2010  Specialized in security audits and training  Objective approach, vendor independent  Our focus is to advise and to educate  We are not selling any products! | ITAudits&SecurityMME
  5. 5. © 2014 MME BVBA, all rights reserved. About us  Malik Mesellem - Founder and CEO  Over 15 years of experience as an IT professional  Worked as a Systems Engineer, Developer, IT Manager  Passion for Ethical Hacking and Penetration Testing  Obsessed with Windows and web application (in)security
  6. 6. © 2014 MME BVBA, all rights reserved. About us  Malik Mesellem - Certifications  GIAC GPEN  EC-Council CEH  MCSE Security, MCSA Security, MCITP, MCT  CompTIA Security+, Network+, A+  Vasco VCE/VCT  Citrix CCA
  7. 7. © 2014 MME BVBA, all rights reserved. About us  Malik Mesellem - Honors  Guest Professor HOWEST ‘Computer & Cyber Crime Professional’ (bachelor)  Guest Speaker at conferences ECSA, Infosecurity, SANS 2014, B-Sides Orlando, TDIS,...  OWASP ZAP Evangelist / SANS Mentor Belgium Zed Attack Proxy / Network Pentesting & Ethical Hacking  Security Trainer Belgacom JCA, Global Knowledge, Syntra, Escala,...
  8. 8. © 2014 MME BVBA, all rights reserved. About us  Malik Mesellem - Projects  Vulnerability Researcher CVE: 2013-4890, MS RDP Pass-the-Hash  bWAPP - ‘a buggy web application’ Open source deliberately insecure web application. Helps security enthusiasts and students to discover and to prevent web vulnerabilities (10.000+ downloads)
  9. 9. © 2014 MME BVBA, all rights reserved. About us  Diversity of security services  Security Audits  Security Training  Security Software  Malware Analysis  Design & Configuration  Server Hardening  Source Code Review
  10. 10. © 2014 MME BVBA, all rights reserved. Company Presentation  About us  Security Audits  Security Training  Security Software  References  Contact us
  11. 11. © 2014 MME BVBA, all rights reserved. Security Audits  We offer a wide range of security audits  Vulnerability Assessment  Network Penetration Testing  Web Application Penetration Testing  Active Directory and Password Audits  Malware Analysis and Botnet Detection  Wireless Security Surveys  Configuration Reviews  DoS and Stress Testing
  12. 12. © 2014 MME BVBA, all rights reserved. Security Audits  Every audit starts with a risk analysis  Critical assets are defined  Threats regarding these assets are analyzed  Audit checkpoints are based on those threats  A risk level is calculated for each checkpoint
  13. 13. © 2014 MME BVBA, all rights reserved.  The risk level is determined using the following calculation: Risk Level = Impact x Probability Security Audits
  14. 14. © 2014 MME BVBA, all rights reserved. Security Audits  Penetration testing identifies and exploits vulnerabilities that may exist within the infrastructure  Ethical hacking techniques are used ‘Like a hacker, but from an ethical point of view’  Advantages +++  Confirms potential vulnerabilities by excluding false positives  Protects the network against intruders and malicious software  Guarantees that your defense measures are working effectively  Provides a higher availability, and maps the environment
  15. 15. © 2014 MME BVBA, all rights reserved. Security Audits  Web application penetration testing is focusing on evaluating the security of a web application  The application is tested for known vulnerabilities  Automatic, semi-automatic as well as manual tests  Different commercial ‘state-of-art’ vulnerability scanners  To exclude false positives, all results are manually verified!  Official OWASP methodology  Based on the OWASP Top 10 Project (more)
  16. 16. © 2014 MME BVBA, all rights reserved. Security Audits  Some checkpoints in our web app penetration testing  Injections (HTML, SQL, XML, LDAP,...)  CSRF or Cross-Site Request Forgery  XSS or Cross-Site Scripting  Parameter Modification  Security Misconfiguration  Session Management  Broken Authentication  Sensitive Data Exposure
  17. 17. © 2014 MME BVBA, all rights reserved.  Our Heartbeat Scan is a complete security audit  All critical and vital parts are scanned and analyzed  Potential threats and vulnerabilities are identified  Spread over several days, for a fixed price  Comprehensive checkpoints  A risk level is calculated for each check Security Audits
  18. 18. © 2014 MME BVBA, all rights reserved. Security Audits  Checkpoints in our Heartbeat Scan  Vulnerability Assessment  Internal and External Penetration Test  Active Directory Review and Password Audit  Software Updates Compliance Check  Business Continuity - Disaster Recovery Check  Firewall Configuration Review  Wireless Security Survey  Endpoint and Malware Check
  19. 19. © 2014 MME BVBA, all rights reserved. Security Audits  Optional checkpoints in the Hearbeat Scan  Web Application Penetration Test  Malware Analysis and Botnet Detection  Social Engineering Test  Source Code Analysis
  20. 20. © 2014 MME BVBA, all rights reserved. Security Audits
  21. 21. © 2014 MME BVBA, all rights reserved. Security Audits
  22. 22. © 2014 MME BVBA, all rights reserved. Security Audits
  23. 23. © 2014 MME BVBA, all rights reserved. Security Audits
  24. 24. © 2014 MME BVBA, all rights reserved. Security Audits  The report is a very important aspect  Also made with an objective approach  Understandable, not auto-generated!  Comprehensive, it includes  Management and technical part  List of potential investments  Detailed findings and advice  Customized action plan
  25. 25. © 2014 MME BVBA, all rights reserved. Company Presentation  About us  Security Audits  Security Training  Security Software  References  Contact us
  26. 26. © 2014 MME BVBA, all rights reserved. Security Training  Unique security courses, seminars, and workshops  Ethical Hacking Basics (pdf)  Ethical Hacking Advanced (pdf)  Attacking & Defending Web Apps with bWAPP (pdf)  Plant the Flags with bWAPP (pdf)  What is bWAPP? (pdf)  Windows Server 2012 Security (pdf)  IT Security BOOTCAMP
  27. 27. © 2014 MME BVBA, all rights reserved. Security Training
  28. 28. © 2014 MME BVBA, all rights reserved. Company Presentation  About us  Security Audits  Security Training  Security Software  References  Contact us
  29. 29. © 2014 MME BVBA, all rights reserved. References  We have realized successful projects with companies in every sector of industry  Colleges and training institutes  Flemish and federal government  Healthcare and retail sector  ICT companies and telecom operators  Investment and financial companies  Non-profit organizations  Stock listed companies
  30. 30. © 2014 MME BVBA, all rights reserved. Company Presentation  About us  Security Audits  Security Training  Security Software  References  Contact us
  31. 31. © 2014 MME BVBA, all rights reserved. Contact us  MME BVBA - Malik Mesellem Email | info@mmeit.be LinkedIn | be.linkedin.com/in/malikmesellem Twitter | twitter.com/MME_IT Blog | itsecgames.blogspot.com
  32. 32. © 2014 MME BVBA, all rights reserved. Contact us  Follow MME on Twitter  Receive info on the latest security news  Take advantage of discounts on our courses  Join our free online security challenges  Stay updated on bWAPP @MME_IT #bWAPP #itsecgames

×