We help our customers with more challenging cybersecurity problems and offer services such as penetration testing, malware analysis, forensic investigation, detection and prevention of targeted attacks, customized training on challenging security issues etc..
We focus on our specialized knowledge and area, and do not offer everything for everyone. We offer auditing and consulting services related to more challenging cybersecurity problems. In a nutshell: We offer those security services that others do not. When you need a specialist, Fitsec is the right partner for you!
Our customers are central to everything we do. Our role is to solve complex cybersecurity problems facing our customers. We tailor our services to meet the unique requirements of each customer and are truly committed to helping our customers succeed. We focus on building relationships, not just individual transactions.
Cybersecurity threats evolve at an amazing speed. To keep up with the ever changing threat landscape, we monitor developments in the security field, study malware and follow up threats on an on-going basis. As we are constantly developing our skills, we can always offer our customers the latest expertise in cybersecurity.
By working together, we can build on the individual skills of all our eperts and thus ensure high quality work. In each project, we share our knowledge and join forces to achieve a common goal.
We tailor our services to meet the requirements of each individual customer and make sure that the end results are pleasing to both parties. We operate and serve our customers with agility in mind, whatever the situation.
Linnoitustie 4 A
Switchboard +358 9 354 01360
USBguard product support (weekdays 9-15)
+358 40 776 6644
Director of operations
+358 50 447 9876
© Fitsec Ltd 2018 | Linnoitustie 4 A, 02600 Espoo, Finland | firstname.lastname@example.org
The USBguard service guarantees safe file transfers between USB mass storage devices. The service includes the USBguard device, that enables you to scan USB drives for malware, copy files between them and format them securely.
When you use the USBguard, you will never have to plug unknown USB devices into your own computer.
You can read more about the service at: usbguard.fi
The APT(Advanced Persistent Threat) feed contains identifying information of targeted attacks. This information can be integrated into various systems such as firewalls and other technical solutions to protect your organization. The feed is constantly being updated with the latest information, by researching attacks and malware used in them. This makes it possible to detect even to most sophisticated attacks.
All our feeds come with a 1-month free trial period, so that you can evaluate the benefits of them to your organization. To read more about the service and other feeds, please visit: feeds.fitsec.com
The Sentry is a service that is designed to detect targeted attacks. When a targeted attack successfully breaches an organisation, it is extremely important to be able to detect it is quickly as possible and thus prevent greater damage. The service includes the Sentry workstation installation, that can find targeted attacks and also more traditional bulk malware.
When the software flags something as suspicious, the suspicious machine code is sent to our experts for manual analysis to find out what the program does.
The Sentry is a full service that also includes all of the necessary clean up work that is required after finding a malware infection. Forensic investigation and malware analysis is always performed, to ensure that we can find out for example what the program has tried to steal. Forensic investigation will also reveal how the malware has entered your network. The customer is always notified of any findings.
The Asset/GDPR tracking service enables you to track your valuable information and find out if it is freely floating around the internet. By tracking your data, you can quickly react in the event of a data breach or other incident, and gain insight into the security of your environment to fix problems proactively.
The service also helps your organization with compliance regarding GDPR and in the event of data breaches more specifically. By using the service, you can quickly detect breaches and inform the affected parties right away.
Asset & GDPR Tracking can find out if for example:
• Your customer database has been breached
• Credit card information has been stolen
• Domain names have been hijacked
• Your sensitive documents have leaked
• Work e-mails are being used for private matters
The Asset & GDPR tracking service includes a 1-month FREE trial period, so that you can evaluate the benefits of the service to your organization.
Fitsec offers an incident response service where an expert will be deployed to help you in the event of a security incident. When a breach happens, it is extremely important to prevent further damage by reacting quickly.
Our experts will solve the issue and perform all necessary actions to make sure your environment is safe and usable again as soon as possible.
When examining the situation, we will find out for example:
• What systems have been breached
• How to contain the breach and prevent further access and damage
• How to protect your network to prevent the malicious software from spreading to other systems
• How to contain the malicious software for further analysis to find details of how it got through and what it does
• How to completely neutralize the threat and clean up all systems
Malware analysis is a service where we find out what a malicious program does. Analyzing the malicious program and it's code can reveal highly useful information for your organisation, to help you prevent attacks in the future. We will find out for example how the malicious program was introduced into your network, what the program was made for and what has it tried to steal. Analysis will also reveal if it has tried to spread around your network and how we can remove it completely.
When a data breach or malware infection occurs, it is important to find out what exactly has happened, when it has happened and possibly who is behind it.
This process involves copying the entire disk for close inspection. Forensic investigation aims to find out for example:
• How the malware got through to the system
• In the case of a data breach, how the data was exfiltrated
• Forensic investigation can also provide proof of the innocence or guiltiness of certain parties
During the first day of training, participants gain insight into the different mechanisms that attackers use to gain access to organisations.
The second day of training is focused on teaching participants about prevention and observation methods that can be used to minimize the damages of targeted attacks.
The 2-day training aims to teach your staff how detect targeted attacks efficiently.
Participants learn about different USB security risks and how to effectively minimize the risks of different attacks.
The training also helps your staff to suspect and detect different types of USB attacks.
In addition to these ready made training packages, we offer completely custom training options for your organization. Contact us for further information!
During the workshop we map out your existing processes regarding malware infections and aim to find cost-effective solutions to how existing processes can be improved, new processes formed or old and redundant processes removed.
The workshop also helps to cost-effectively improve your observation skills regarding malware infections.
Reverse engineering involves finding out what a program does by completely analyzing its code. Our experts analyze the machine code to find out for example:
• What a malicious program does in the system
• Are there any serious vulnerabilities in a program that you assume is safe
• If you have a program and you have lost the source code, it might be possible to get some parts back to help build the source again
The service ensures the security of your control systems by testing if they can be accessed by attackers. We look for vulnerabilities in a safe environment and aim to find them before attackers can use them.
With Fitsec, the SCADA-audit does not risk your operations. We construct a copy of the actual system, software versions and devices in a safe environment where we observe how it reacts to different attacks.
All findings will be immediately disclosed to the customer, who can then further inform the vendors.