Products

Extensive opportunities to conduct simulated hacking attacks performed by cyber security experts; safe practice of the most common threats, enabling systems to be adjusted to respond appropriately to an attack, with access to extensive knowledge of cyber threats.

aptdefend.com →

A solution that gives our customers early warning of attempted attacks. It consists of four modules:

• Domain Monitor — verifies registered domains that look similar to the client’s domains, often used in phishing attacks.
• Certificate Monitor — constantly monitors certificates signed by trusted CAs using the Certificate Transparency mechanism.
• Scan Robot — monitors detected domains and links for content; reports password-phishing attempts to the client.
• Fake Victim — verifies messages routed to company social-media accounts and tools such as Microsoft Teams or Slack.

All of this is wrapped in a clear web console where the client can view detected attempts and system activity. The tool also sends email and SMS notifications. We additionally offer the option to run some scans from the client’s infrastructure — professional attacks are often served only to the victim’s address. The whole system is supervised by industry professionals.

webSurgeon is an advanced solution designed to support organisations in responding effectively to security incidents that call for non-standard and flexible action. It works as a proxy server between Azure Application Gateway and the API, enabling precise management and modification of selected requests. This gives organisations better control over their traffic and the ability to block or modify suspicious requests, effectively preventing threats from escalating.

The scripts shipped with the system can be deployed while an incident is ongoing, giving great freedom in tailoring the response to the specific conditions surrounding the incident. The provider’s team supports the creation and deployment of dedicated scripts, significantly increasing the flexibility of threat response. The provider has prepared a set of ready-made scripts that include, among others:

• logging requests to Azure Application Insights and an internal logging component,
• logging selected fragments of requests,
• rejecting requests based on patterns (e.g. malicious e-mail addresses),
• modifying requests before they are sent to the API,
• stripping harmful characters to protect against XSS attacks,
• throttling requests based on a chosen key (e.g. IP + cookie),
• swapping parameters to reduce the risk of manipulation by an attacker.

PenToster is a unique platform that raises the quality and efficiency of software testing. The software is used by Immunity Systems during security testing to maintain the highest possible quality. The platform has built-in features such as traffic logging, management of a separate CA for security tests, extensive statistics, routing management, tunnelling of the UDP, TCP, HTTP (h2, http1.1, http1.0) and HTTPS protocols, and many more. The platform is offered only to selected clients.