We are moving more and more towards a digital future. Valuable data is now stored in the cloud, your employee’s workstations connected and administered through Active Directory, guests coming into your office can connect to a free Wi-Fi, maybe you even have a smart coffee machine connected to your network. While those changes open new possibilities to be flexible and agile, with them a new need for security is arising.

Cyber security is a broad spectrum and all the possibilities might lead to confusion for you. For an easier understanding it is helpful to divide it into defensive and offensive Security. Defensive Security includes your Anti-Virus Program, your internal Security Guidelines, maybe even an internal Team within your company dedicated to protecting your data and employees. Having this in place is important but does not cover the full spectrum of what is needed to secure yourself and your company.

Atos’ Nordic Cyber Defense Center is a team of Ethical Hackers that use their skill and experience to protect, attack and solve. Our core skills as cyber security Professionals allow us to act in different roles and perform different tasks, providing the mindset of an attacker.

“We cannot solve our problems with the same thinking we used when we created them.” – Albert Einstein

This is where offensive Security comes in, here in particular, Attack Simulations, also widely known as Penetration Test. Offensive Security focuses on attacking a network to discover its vulnerable points. Such a test includes a team of Hackers attacking your company or solution, finding strategies to gain access to critical infrastructure. This is not only limited to digital solutions but can include your staff through Phishing Attack Simulations or your Physical Security through a Red Team Exercise or a custom-made test focusing on breaking into your building.

Throughout all the different Penetration Testing variations we deliver; we strive for technical excellence and staying as close as possible to the actual scenario of a malicious attack. This ensures that we will find and deliver the best mitigation techniques for every potential attack vector. In this process, we only use automated tools to a certain extent – as an actual Hacker trying to compromise your system would not stop if an automated scan does not find a way in, so we do not stop there either. Rather than simply focusing on finding vulnerabilities, we are searching for strategies to compromise any given target.