2. Overview – About Us
Key Experts
The Team
Technical Competencies
Ethical Hacking
Cyber Threat Analysis
Cyber Defence Exercises
Multi-level Information Security Awareness Programs
Information Security Courses and Education Program Development
Reputation Management
Cyber Defence Services
Advanced Cyber Services Portfolio
Key References
Table of ContentsWE ESTABLISH ORDER
3. Overview – About Us
Founded in
2015
Founders and key experts are information security
veterans with proven international reputation
Available
resources
10+ Senior consultants
20+ Sofware/Hardware Developers
20+ Sofware/Hardware Testers
Qualifications
of the team
9 Certified Ethical Hackers (KCEH)
3 International CEHs
4 Offensive Security Certified Professionals (OSCP)
Services
Ethical hacking
Cyber threat analysis
Cyber (defence) exercises (planning, execution)
Multi-level information security awareness trainings – Gamification
Information security and IT security courses, development
Reputation management
Key
references
NATO
UAE Dubai
ZAIN Kuwait
EU Council
Significant role in establishing national cyber security and defence potentials (incl. establishing and
managing National Security Authority Cyber Defence Management Authority of Hungary)
WE ESTABLISH ORDER
4. Anett
Mádi-
Nátor
Senior cyber security expert (strategic,
administrative) and trainer
10 years working experience for government, NATO,
European Union, and private sector incl. critical
information infrastructure (approx. 400 projects on
5 (sub)continents)
Recent positions include HUN MilCIRC Head of
Coordination (2015), NATO Cyber Defence Capability
Team Chair (2013-2015), NATO Cyber Coalition
Exercises Core Stategic and Administrative Planner
(2012-2015)
HUN NSA CDMA Administrative Head (2011-2015)
KÜRT Academy Ethical Hacking Course Lead of
Strategic Communication and Project Management
Module
Ferenc
Frész
Senior cyber security expert (strategic,
technical) and trainer
Approx. 20 years working experience for
government, NATO, European Union, and
private sector incl. critical information
infrastructure (more than 1400 projects on 5
(sub)continents)
Recent positions inlcude HUN MilCIRC
Technical Head (2015), HUN National Rep. to
NATO Cyber Defence Capability Team (2011-
2015), NATO Cyber Coalition Exercises Core
Technical Planner (2012-2015)
HUN NSA CDMA Head, Founder and Lead
Trainer of KÜRT Ethical Hacking Course
Key ExpertsWE ESTABLISH ORDER
5. TheTeam
Qualification
9 Certified Ethical Hackers
(KCEHA)
3 International CEHs
4 Offensive Security Certified
Professionals (OSCP)
Core
competencies
Analysis of complex IT systems
IT and information security expert activity
Hardening process support
Planning and management of IT processes and projects
Information security process support
System design and documentation
Incident management (log analysis and investigative network activities –
network forensics and forensics)
Supervision of critical infrastructure IT networks
Installation and support of critical infrastructure system servers
Software/hardware development
Software/hardware testing
Resources 10+ Senior consultants, advisors
20+ Developers
20+ Testers
WE ESTABLISH ORDER
6. Technical Competencies
Windows 2008 R2 DNS, AD, DC
installation, support
Linux, Unix servers installation,
support
Exchange 2007 SP3 installation,
support
CISCO Firewalls ASA551xx
programming, installation,
support
CISCO switch family –
programming, installation,
support
Professional consultation on
qualified operator networks
Python, C, C++, C#, Ruby, Php,
OpenCL programming
(Windows, Linux)
BASH scripting ’Reverse engineering –
hardware (motherboard)
compromise capabilities’
Application databases
management – MySQL, MSSQL,
Oracle, etc.
NoSQL-s
Cyber exercises planning and
exeution based on NATO and
NATO/EU compatible
methodologies
Tempest evaluation, reporting
based on EU / NATO / National
criteria
Preparing classified information
processing workstations for
accreditation, monitoring;
consultation
WE ESTABLISH ORDER
7. Ethical Hacking
Black Box,
Grey Box,
White Box
Testing,
Assessments
External
Infrastructure
Testing,
Assessments
Internal
Infrastructure
Testing,
Assessments
Application
Testing,
Assessments
Automated,
Manual, and
Hybrid
Vulnerability
Assessments
Methodology
Reconnaissance Scanning Testing Exploitation
Report of
Findings
WE ESTABLISH ORDER
8. CyberThreat Analysis
Focuses on revealing and identifying modern, so called asymmetric threat actors
Enables proactive decision making
Enables identifying and analysing hacktivist teams, hacker groups and state sponsored malicious
threat actors
Creates the capability to protect and to prepare for any potential cyber attacks
WE ESTABLISH ORDER
9. Cyber Defence Excercises
Cyber (defence) exercises serve the purpose of testing, developing, and training the ability of organisations and commercial entities to
defend their networks and information protection systems from various challenges that those are to face when operating in the virtual
space.
A well-developed cyber exercise tests systems and networks to make sure that those are able to keep pace with evolving threats. The
human factor matters as well, as exercises also test individual and collective skills and expertise of cyber specialists of organisations and
companies.
Exercises provide the opportunity to involve all experts from technical fields up to the highest level decision making entities, even from
remote locations.
One important internal goal of such exercises is to exchange critical cyber information and promote a collective defence approach in a
rapid manner. Then coordinated response approaches may be developed and followed in due course for real life situations, to mitigate
and eliminate virtual attacks to result in consequences that are real and potentially destructive.
Cyber exercises may be developed at various levels from table-top (mostly administrative) to fully developed and highly technical formats.
WE ESTABLISH ORDER
10. Multi-level Information Security Awareness Programs
Multi-level
(corporate-wide)
information
security awareness
programs and
campaigns for
general users,
system
administrators,
system developers,
privileged users,
internal trainers
Contact sessions
E-learning and e-campaigns through social media (apps)
Technical and social challenges
Gamification
’Policy in Practice’
’Train the Trainer’
WE ESTABLISH ORDER
11. Information Security Courses and Education Program Development
Cyber Threat Analysis
Log Analysis and Log Management
Network Forensics
Social Engineering
Incident Handling and Management
(incl. Early Warning, Incident Response, and Incident Mitigation)
IT Project Communication (strategic approach)
Cyber Defence Management
WE ESTABLISH ORDER
12. Reputation Management
Real time influencer monitoring
Implementing communicational content search engine optimizing strategy for existing and
future search terms on the client organisations and commercial entities
Real time content creation
Real time link shield building
Proactive actions prior to important initiatives of client organisations and commercial entities
may launch
WE ESTABLISH ORDER
13. Cyber Defence Services
Preventive (Proactive) Defence
•CTAC (CYBER THREAT ANALYSIS)
•AWARENESS
•ETHICAL HACKING
•GAMIFICATION
•CYBER EXCERCISES
Managed Security Services
•MONITORING
•LOG MANAGEMENT
•INCIDENT MANAGEMENT
•VULNERABILITY MANAGEMENT
•APT and ZERODAY MANAGEMENT
Incident Response
•INCIDENT INVESTIGATION
•COMPUTER AND NETWORK FORENSICS
•MALWARE ANALYSIS
Mitigation
•RISK AND IMPACT MITIGATION
•SYSTEM HARDENING
•SOFTWARE REFACTORING
Information Exchange
•EARLY WARNING (VULNERABILITY
INFORMATION EXCHANGE)
•BUSINESS PROCESS REENGINEERING
•TEAM DEVELOPMENT
•DECISION SUPPORT
•3rd PARTIES IIEX
WE ESTABLISH ORDER
14. Advanced Cyber Services Portfolio
Proactive
Defence
CTAC (CYBER
THREAT
ANALYSIS)
AWARENESS
ETHICAL
HACKING
REPUTATION
MANAGEMENT
GAMIFICATION
CYBER
EXCERCISES
Managed
Security
Services
MONITORING
LOG
MANAGEMENT
INCIDENT
MANAGEMENT
VULNERABILITY
MANAGEMENT
APT and 0day
MANAGEMENT
Incident
Response
INCIDENT
INVESTIGATION
COMPUTER AND
NETWORK
FORENSICS
MALWARE
ANALYSIS
Mitigation
RISK AND
IMPACT
MITIGATION
SYSTEM
HARDENING
SOFTWARE
REFACTORING
Information
Exchange
EARLY WARNING
BUSINESS
PROCESS
REENGINEERING
TEAM
DEVELOPMENT
DECISION
SUPPORT
3rd PARTIES IIEX
Strategic
Planning
POLICY
DEVELOPMENT
CYBER DEFENCE
MANAGEMENT
SUPPORT AND
CONSULTING
Research and
Developement
STARTUP
INCUBATION
AUTOMATED
METHODS
DEVELOPMENT
BIGDATA
ANALYSIS
DEVELOPMENT
WE ESTABLISH ORDER
15. Ethical hacking trainings for approx. 10 years (English, Hungarian) – duration varies b/w 2 weeks – 10 months
KÜRT Academy Ethical Hacking course for 6 years
NATO Cyber Coalition Exercises – core strategic, administrative, and technical planning (incl. Enterprise, Allies, Partners), 2012 – 2015
HUN MoD MilCIRC capability development, internal trainings for CTAC and forensics, 2015
UAE Dubai Smart Government GWISAP – Government Wide Information Security Awareness Program, developing and managing
content of program; developing, managing content of, and conducting ’Train the Trainer’ module, 2013 – 2014
HUN National Security Authority Cyber Defence Management Authority development and management, internal training of
employees incl. CTAC, network forensics, log analysis, etc., 2011 – 2015
SME IT security trainings for the HUN government IT service provider, incl. information security awareness
EU Council SME IT Security Awareness course, course development and conducting the course, 2012
ZAIN Kuwait – SME IT security awareness and IT professional courses, information security awareness campaigns 2010 – 2015
Global Conference on CyberSpace 2015 – Responsible Disclosure Initiative, founders of initiative (Global Forum on Cyber Expertise)
and participating national representatives
Key ReferencesWE ESTABLISH ORDER