CYBERSECURITY SERVICES

We are a Consulting and Technological Audit company with a strong emphasis on Cybersecurity. In fact, we offer services that allow our clients to have their information secure against potential incidents and security attacks.

KEEP-IT-SECURE-24

Information Security should be regarded as a process of the organization and not only as a project. Therefore, we have developed an innovative approach that is much more efficient in performing persistent penetration tests.

AUDITING

Our Audit practice helps our client to identify potential risks, namely, Technical Vulnerabilities through one-off or Persistent Penetration Testing (KEEP-IT-SECURE-24), on top of this, INTEGRITY also provides recommendations and support to mitigate the identified issues.

CONSULTING

We support our clients in the implementation and adoption of controls used to effectively reduce the risk. Based on the deep knowledge and experience of our team we help companies to implement Information Security Management Best Practices and Standards.

TRAINING & AWARENESS

Organisations tend to invest in Technology and Processes but the weakest link is People. Thus, it is essential to assure the balance between these three elements of Information Security.

MORE SERVICES

Complex and peculiar problems deserve a multidisciplinary answer. Our specialized and crosswise know-how allows us to respond in a more assertive way, building synergistic teams to give answers to the most complex and critical challenges

TEAM

A team can only feel good about its clients if it feels good about itself. At INTEGRITY we give utmost importance to knowledge sharing, good working environment and healthy competition to obtain the maximum performance in what we do.

Qualifications:

MSc in Information Security (Royal Holloway)

PostGraduate in Information Security (Royal Holloway)

Certified Information Systems Auditor (CISA)

Certified Information Security Manager (CISM)

Certified in Risk and Information Systems Control (CRISC)

ISO 27001 Lead Auditor

Certified Information Systems Security Professional (CISSP)

Information Systems Security Management Professional (CISSP-ISSMP)

Offensive Security Certified Professional (OSCP)

GIAC Penetration Tester (GPEN)

eLearnSecurity Web application Penetration Tester eXtreme (eWPTX)

ITILv3

Offensive Security Web Expert (OSWE)

PCI QSA (Qualified Security Assessor)

INTEGRITY is essentially supported by a group of Expert and Senior professionals who are able to work in every area of focus due to a combination between their expertise and relevant Internation certifications.

INNOVATION

We can´t keep fighting current and future threats the same way we used to in the past.

Constant threat evolution and information technology dynamics, compels for a constant adaptation of practices, tools and approaches in the Cybersecurity world.

Capitalizing our experience, know-how and acknowledgment of current requirements, INTEGRITY has in its DNA the need to constantly create new and innovative approaches that can bring added-value.

Learn how we approach the innovation area »

CERTIFICATIONS & ACCREDITATIONS

INTEGRITY is a certified company that is focused on protecting its clients’ information and providing a world class service based on Industry Standards and best practices.

International reference and standard in Information Security Management. Its principle is to adopt a set of requirements, processes and controls to properly manage organisation risk. The goal of the accreditation has been the protection of our clients projects information.

INTEGRITY is the only Portuguese company approved by CREST concerning its Penetration Testing services, that take into account all the Technical and Management issues of Penetration Testing.

International reference and standard in Quality Management. The scope of INTEGRITY certification has been Consulting, Auditing and Advisory in Information Security and Implementation of Management Systems.

INTEGRITY has undergone a process of accreditation with the Portuguese National Security Cabinet (PNSC) to meet customer requirements and requests regarding the access and handling of classified information.

INTEGRITY was recognized by PCI Security Standards Council as a Qualified Security Assessor (QSA) certified entity, being our team of qualified consultants now capable of auditing companies’ processes associated with payment card transactions independently, in accordance with the PCI-DSS global security standard.

INTEGRITY has submitted to the accreditation process by Bancontact for payment security assessments in mobile applications under the Bancontact approval system.

CLIENTS

INTEGRITY provides service to a considerable number of large and medium-sized companies both at a national and international level. if you wish to find more about our references and projects, we will be happy to arrange a meeting with you.

Retail

Aviation

Industry

Energy

Healthcare

Government

Banking and Insurance

Service Organisations

Information Technology

Transportation

TESTIMONIES

BANKING

It’s very easy and reliable to work with INTEGRITY.

GOVERNMENT

External auditors say that they have never seen similar methodologies and they really make sense.

INDUSTRY

Thank you very much for your commitment and thanks for being so professional.

ENERGY

This is a win-win service and the report level is amazing.

HEALTH

The project is a success, the team has loads of technical expertise, they performed above expectations.

Currently we provide services in more than 19 Countries over 5 Continents.

LABS

by
Cláudio André

GOOGLE AOSP EMAIL APP HTML INJECTION

The Google AOSP Email App is vulnerable to HTML Injection on the email body. It allows a remote attacker to be able to send a crafted email with a payload that redirects the user to a target url as soon as he opens the email. This issue is not related with the email provider configured on the app but with the incorrect filter of potential dangerous tags on the client side. In the following PoC we sent an email with the HTML tag meta using the attribute...

Find out more of these on our Labs page »

by
Bruno Morisson

PIERCING SAPROUTER WITH METASPLOIT

Saprouter is basically a reverse proxy for SAP systems, typically sitting between the Internet and internal SAP systems. Its main purpose is to allow controlled access from hosts on the Internet to the internal SAP systems, since it allows for a finer grained... Read more »

by
Marco Vaz

FROM 0-DAY TO EXPLOIT – BUFFER OVERFLOW IN BELKIN N750 (CVE-2014-1635)

A vulnerability in the guest network web interface of the Belkin N750 DB Wi-Fi Dual-Band N+ Gigabit Router with firmware F9K1103_WW_1.10.16m, allows an unauthenticated remote attacker to gain root access to the operating... Read more »

CONTACTS

Portugal

Av. João Crisóstomo, n.º 30, 5º
1050-127, Lisboa | Portugal
T: +351 21 33 03 740
E: info@integrity.pt

United Kingdom

Suite 4B
43 Berkeley Square
Mayfair, Westminster
London, W1J 5FJ | United Kingdom
T: +44 20 3318 0800

España

Calle Edgar Neville, 6
28020, Madrid | España

EBOOK Overview 2020

Top Vulnerabilities and Recommendations

Download »

PASSION FOR CYBERSECURITY

PARTNERSHIP ATTITUDE

ADAPTABILITY

FOCUS ON EXCELLENCY

CYBERSECURITY SERVICES

KEEP-IT-SECURE-24

AUDITING

CONSULTING

TRAINING & AWARENESS

MORE SERVICES

TEAM

Qualifications:

INNOVATION

CERTIFICATIONS & ACCREDITATIONS

CLIENTS

TESTIMONIES

It’s very easy and reliable to work with INTEGRITY.

External auditors say that they have never seen similar methodologies and they really make sense.

Thank you very much for your commitment and thanks for being so professional.

This is a win-win service and the report level is amazing.

The project is a success, the team has loads of technical expertise, they performed above expectations.

LABS

GOOGLE AOSP EMAIL APP HTML INJECTION

PIERCING SAPROUTER WITH METASPLOIT

FROM 0-DAY TO EXPLOIT – BUFFER OVERFLOW IN BELKIN N750 (CVE-2014-1635)

CONTACTS

Portugal

United Kingdom

España

EBOOK Overview 2020

Top Vulnerabilities and Recommendations

EBOOK Overview 2020

Top Vulnerabilities and Recommendations

PenTesting Project

Persistent PenTesting (MSP)

Mobile Application Penetration Testing

ISO 27001

ISO 27701

General Data Protection Regulation (GDPR)

Payment Card Industry Data Security Standard (PCI-DSS)

Risk Management

Compliance Management

Custom Project

INTEGRITY 360º Security Review

Teleworking & Secure Business Continuity

Ransomware Resilience Assessment

IntegrityGRC

27001 Manager

InfosecRating

Keep-It-Secure-24

Keep-It-Managed-24

Security Management

Security Awakening

Security Development