One of the "preferred activities" of our staff is the analysis of system security, which must be done during the implementation of the solutions demanded by the client.

It is fundamental for us to understand which security level the company has implemented in order to introduce our systems.

From this point of view, a series of activities exist (with your consent) that aim to: verify the security of your systems, analize the potential risks, and test the education of your technicians dealing with critcal systems and the plans of system modernization/protection.

An analysis of typical security can begin in two different ways:

1) The opportunity for our staff to understand the configuration and system specifics used by the customer (Full Disclosure Analysis)

2) Giving us the "white card", by allowing us to act as we must within the limits agreed upon by us and your company. Once the limits have been agreed upon we will be able to formulate our "plan of attack" (Zero Knowledge Analysis)

In any case, the clients will have the opportunity to create limits for our range of action, by first deciding where we must stop, and secondly by deciding whether to receive the attacks in an invisible or visable way. By doing so, the client is asking us to produce an attack that is either difficult for them to recognize, or one that is easiy recognizable so as to verify the skill-level of their security technicians.

In any case, you are able to verify the efficiency of your monitoring system by identifying our tampering attempts.

The duration and period of "attack" is always agreed upon with our client, and the techniques of the "mission" we are trusted with, will be written in a detailed report consisting of all of our activities.

Because we know the delicacy of the operation, our company will be able to eliminate all digital or paper support that contains information related to the customer's system, and to sign a confidentiality contract for maximum security with our consultants.

In every written document, explicit references to the system or the name of the client will NEVER be inserted. However, they may be included in conclusive tables in paper format that will be personally delivered only to a member taking part in the ownership of the company in question.