• Image
  • Image
  • Image

Nowadays the biggest risks in IT Security are coming from data leakage - data stealing and from the vulnerable IT infrastructure. It is now a daily example in the media to hear about unauthorized data accesses, hijacked computers and complete IT systems, or similar technological abuses. These criminal activities results in serious damages not only on IT level: significant loss on the business reputation, risking a company’s market position and the development opportunities. The stolen customer data manipulations available because of vulnerable IT systems, can influent the public view of companies badly above on the embarrassing incident(s) itself. Market positions earned hard, recognition became to nothing if the customer trust got shaken, if the company data assets serves others.

Information security is not a hardware product you can switch on and you are done, no security threats anymore. You can’t put it on the self between the software boxes, that ok finally we are there, everything settled.

Information Security is kind of status,
what you have to keep on high level.

About us

The Company

About Image

nConnect Hungary Ltd. founded by IT professionals, experts from the various areas of Information Technology in 2010 in order to integrate their experience.

We are providing complete services on the field of IT Security, along with designing, planning and managing Information Systems from zero to the Enterprise sector.

The Vulnerability Assessment Method of nConnect is based on the method what is the base of cybersecurity at EU or NATO. Built on international experiences, our focus is on the human intelligence - the „manual” work. The audit kind automated scanning - widely used in Western Europe - just extensions of our methodology.


What’s determining the security level of any IT infrastructure?
The weakest link.
Always.

<

Certifications

Services

Main Services

Vulnerability Assessments - Ethical Hacking

Etikus Hack

Ethical Hacking
What is the meaning of ethical hacking?It is an offensive information security assessment, using all the tools and techniques what hackers use in real life scenarios.
Okay, but what makes it ethical?It is requested by the customer itself against its own environment, by the representatives of the customer, with the proper level of authorization.
What is the goal of such assessment? Performing a complex non-limited assessment to find all the vulnerabilities what is possible, during the agreed timeframe of the project.

What is the structure of such assessment? The assessment has a number of interconnected modules:

  • External
  • Internal
  • Web application
  • Wi-Fi
  • Mobile networks (GPRS, 3G, LTE),
  • Social engineering.
What does the customers report package contain?The end result is complex, targeting multiple audiences:

  • Executive Summary about the risks at company level with decision-making situations.
  • Detailed lists about the vulnerabilities, attack vectors and its possible fixes. The technical report is modularized with categories where the vulnerabilities prioritized based on their importance.
  • Finally an action plan with a with short- mid- long term break-down. This will be the base of the project plan, which will be used to fix the problems and raise the resistance level of the IT infrastructure.
Ok, I got the report, it has multiple critical findings/vulnerabilities, what should I do, what’s the next step? Just open the action plan and use that to plan your modifications and fixes according to the internal IT Change Management procedures. Unfortunately we have not enough [qualified] resource, what’s next? We can help both on Quality Assurance or implementing role to achieve the final goal in order to fix all the vulnerabilities in the proper way.

Code audit

Kód Audit

Based on the experiences of various application’s vulnerability assessments:

  • Code Audit: Usually happens after a Vulnerability Assessment, or act as a module of a bigger, more complex VA like source code audit of a web application, or smart apps.
  • Secure Development: the most effective way of secure development? Do it as a daily practice from day 1. To achieve this, it’s a must to set the base requirements, and within those boundaries hold systematic reoccurring code reviews – including the security aspects and requirements.

Training

Oktatás

The foundation of security awareness based on actual trends, events from Information Security`s point of view. Who needs such awareness training within a company?

  • The senior management, decision makers (non-technical training), to become updated with the risk factors influencing the operation of the company.
  • The employees (non-technical training), to create a real security awareness in their minds.
  • The operators of the IT infrastructure (technical training), to let them focus on the real problems/risks.
  • The developers (technical training), to let your company has such products, which are creating revenue, not leaking data or create backdoors – so you don’t have to recode everything from scratch.
Based on the experiences, the IT security problem needs at least these four level of „translations” within a company, to address everyone and send the proper message to each and every group. A message wich relevant.

IT Project management

IT Projekt Management

With more than 12 years of experience in the Enterprise IT (ITIL, CISA,CISM, PMI) we can turn the IT operations and management to be more effective, set the operation of the company more stable. Tailored for the size, fine-tuned for the goal s of the firm:

  • Development of IT Security Strategy
  • Creation of Information Security Policy
  • Creation of Business Continuity Plan
  • Development of Disaster Recovery plans (DRP, ADRP)
  • Preparation , implementation of IT [security] procedures
  • Implementing proper level of IT security the best IT SEC solutions - according to the company`s profile

References

The below references are published by industrial areas or markets.
Among others, our team has been engaged in the assessments below:


Public Foundation, One of the biggest and most successful non-profit institute of applied resources.
Vulnerability Assessment modules: Special vulnerability assessment (external, web application)

Big telecommunication company abroad, it has 31 million customers in 8 countries.
Vulnerability Assessment modules: Complete vulnerability assessment (external, web application, internal, Wi-Fi, social engineering, + 3G/GPRS)

Government controlled Ltd. driving the Hungarian energy sector. One of the most important strategic area of the national economy.
Vulnerability Assessment modules: Complete vulnerability assessment (external, web application, internal, Wi-Fi)

Hungarian subsidiary of an international telecommunication company, a dominant player on the Hungarian telecommunication market.
Vulnerability Assessment modules: Complete vulnerability assessment (external, web application, internal, Wi-Fi, social engineering, + 3G/GPRS)

One of the biggest player in domestic waterworks in Hungary.
Vulnerability Assessment modules: Complete vulnerability assessment (external, web application, internal, Wi-Fi, social engineering)

Governmental supervisory body of pharmaceutical industry in Hungary
Vulnerability Assessment modules: Special vulnerability assessment (external, VPN, internal)

One of the biggest commercial television company in Hungarian market.
Vulnerability Assessment modules: Special vulnerability assessment (internal)

Governmental organization of Hungarian Infrastructure Development.
Vulnerability Assessment modules: Special vulnerability assessment (external, internal)

As a protection level for our existing customers more details about these references are available during personal meetings only.

Contacts

Contacts

Address:

2 Árvácska str. Nagykovácsi
PO Box 2094
Hungary

Tel: +36-70-4192709
Email: info@nconnect.hu