1 Information security
Заказать звонок





Consulting and preparation for certification

The attestation of information objects is a complex of organizational and technical measures that result in a Certificate of Conformity. This document confirms that the object meets the requirements of standards or other regulatory and technical documents on information security approved by the FSTEC of Russia.

The SPA CSD LLC has all the necessary licenses from the FSTEC of Russia and the Russian Defense Ministry to perform this type of work.

Pen-test. Vulnerability analysis

We provide services for the analysis and assessment of vulnerabilities of software and systems, namely, the search for potential vulnerabilities in publicly available sources, search for zero-day vulnerabilities, and pen-testing (penetration testing).

The main task is to detect and conduct exploitation of attack vectors on public resources of the company or critical information processed by the software solution to identify possible ways to compromise resources, gain access to sensitive data, disable resources or hinder their operation, etc.

The analysis is conducted from the perspective of a malicious intruder and can include both passive and active (potentially destructive) components.

Critical infrastructure protection

We provide services for the protection of critical infrastructure to ensure the sustainable and uninterrupted operation of critical business processes.

The stages of implementing this service:

Stage 1. Preparatory work, the result of which is an approved list of CII objects subject to categorization.

Step 2. Categorization of CII objects. The result of this step is the act of categorization, as well as Threat and Intruder models.

Step 3. Preparing documentation (certificates, reports, engineering design specifications for CII safety subsystems).

Icl.ru uses cookies, and by continuing browsing the website you give your consent to the use of cookies by us. Otherwise you should leave our website after reading this.