Information Security should be regarded as a process of the organization and not only as a project. Therefore, we have developed an innovative approach that is much more efficient in performing persistent penetration tests.
Our Offensive Security Services helps our client to identify potential risks, namely, Technical Vulnerabilities through one-off or Persistent Penetration Testing (KEEP-IT-SECURE-24), on top of this, Devoteam Cyber Trust also provides recommendations and support to mitigate the identified issues.
We support our clients in the implementation and adoption of controls used to effectively reduce the risk. Based on the deep knowledge and experience of our team we help companies to implement Information Security Management Best Practices and Standards.
Training & Awareness
Organisations tend to invest in Technology and Processes but the weakest link is People. Thus, it is essential to assure the balance between these three elements of Information Security.
Complex and peculiar problems deserve a multidisciplinary answer. Our specialized and crosswise know-how allows us to respond in a more assertive way, building synergistic teams to give answers to the most complex and critical challenges.
A team can only feel good about its clients if it feels good about itself. At Devoteam Cyber Trust we give utmost importance to knowledge sharing, good working environment and healthy competition to obtain the maximum performance in what we do.
Devoteam Cyber Trust is essentially supported by a group of Expert and Senior professionals who are able to work in every area of focus due to a combination between their expertise and relevant Internation certifications.
MSc in Information Security (Royal Holloway)
PostGraduate in Information Security (Royal Holloway)
Certified Information Systems Auditor (CISA)
Certified Information Security Manager (CISM)
Certified in Risk and Information Systems Control (CRISC)
ISO 27001 Lead Auditor
Certified Information Systems Security Professional (CISSP)
Information Systems Security Management Professional (CISSP-ISSMP)
Offensive Security Certified Professional (OSCP)
GIAC Penetration Tester (GPEN)
eLearnSecurity Web application Penetration Tester eXtreme (eWPTX)
Offensive Security Web Expert (OSWE)
PCI QSA (Qualified Security Assessor)
We can´t keep fighting current and future threats the same way we used to in the past.
Constant threat evolution and information technology dynamics, compels for a constant adaptation of practices, tools and approaches in the Cybersecurity world.
Capitalizing our experience, know-how and acknowledgment of current requirements, Devoteam Cyber Trust has in its DNA the need to constantly create new and innovative approaches that can bring added-value.
We are a certified company that is focused on protecting its client's information and providing a world class service based on Industry Standards and best practices.
International reference and standard in Information Security Management. Its principle is to
adopt a set of requirements, processes and controls to properly manage organisation risk. The goal of
the accreditation has been the protection of our clients projects information.
We are the only Portuguese company approved by CREST concerning its Penetration Testing
services, that take into account all the Technical and Management issues of Penetration Testing.
International reference and standard in Quality Management. The scope of our certification
has been Consulting, Auditing and Advisory in Information Security and Implementation of Management
We undergone a process of accreditation with the Portuguese National Security Cabinet
(PNSC) to meet customer requirements and requests regarding the access and handling of
We were recognized by PCI Security Standards Council as a Qualified Security Assessor (QSA)
certified entity, being our team of qualified consultants now capable of auditing companies’
processes associated with payment card transactions independently, in accordance with the PCI-DSS
global security standard.
We submitted to the accreditation process by Bancontact for payment security assessments in mobile applications under the Bancontact approval system.
We provide service to a considerable number of large and medium-sized companies both at a national and international level. if you wish to find more about our references and projects, we will be happy to arrange a meeting with you.
Banking and Insurance
Currently we provide services in more than 20 Countries over 5 Continents.
TL;DR Apple’s iOS IKEv2 VPN On Demand may leak traffic when it is unable to establish an IPSEC tunnel to the defined VPN gateway. We’ve reported this to Apple, and after analysing it they didn’t consider it a security issue. Details VPN On Demand is a feature from iOS (and OSX) that allows the enforcement of a specific set of rules when the connection being used by the iOS device requires a specific VPN connection in order to...
This article summarises the discovery and analysis of the XXE vulnerability in Apple iOS Office Viewer (CVE-2015-3784). It assumes the reader already has a basic understanding of XXE attacks. Also, tests are performed on a jailbroken iOS device for...
A vulnerability in the guest network web interface of the Belkin N750 DB Wi-Fi Dual-Band N+ Gigabit Router with firmware F9K1103_WW_1.10.16m, allows an unauthenticated remote attacker to gain root access to the operating...
Edifício Atrium Saldanha
Praça Duque de Saldanha, nº 1, 2º andar
1050-094, Lisboa | Portugal
T: +351 21 33 03 740
5th Floor, Cottons Centre
London, SE1 2QG | United Kingdom
T: +44 20 7288 2800
Calle Cronos 63, 4ª planta Oficina 2
28037, Madrid | España
T: +34 91 376 88 20