bg-cta
05-header-security-hr...

Ethical hacking

Cybersecurity

05-bg-gevaren
image_66.png (copy1)

Zero-trust security turns the logic you know on its head. Everything and everyone is suspect, including your internal traffic and your own employees. Ban everything and only allow what must be. The best thing is to draw up a security plan based on the worst-case scenario. Your greatest challenge is to think carefully about who among your employees should have access on which device, and to which networks, applications and data.

Zero trust:
trust nothing and no-one

image_67.png (copy1)

By 2024, up to 40% of all data traffic is likely to be transmitted over 5G at speeds of up to 10 GB/second. Technology makes our lives easier and opens the door to new business applications but also to cyber threats such as infected data packets and corporate espionage. The best way to counter this is to dramatically increase your security and monitoring levels.

5G: enormous opportunities but extra attention is needed on security

image_67.png (copy2)

In 2020, the cloud really became the way to go to ensure the continuity of your business. This rapid migration to the cloud also brings new security challenges. What threats do you need to watch out for in 2021? Poorly configured cloud storage, reduced visibility and control over your data and vulnerable cloud applications and infrastructure.

Increase in threats via the cloud

05-bg-quote

“Ethical hacking is indispensable in a good security strategy for SMEs as well.”

Davinsi Labs is a Proximus Accelerator and helps companies achieve Digital Service Excellence through specialised Security Intelligence and Service Intelligence solutions. In today's digital world, customers expect their data to be managed with the utmost security and they want a fast, flawless customer experience. As a Managed Services Provider, Davinsi Labs offers a portfolio of solutions to achieve Digital Service Excellence for the most business-critical applications and services.

image_61.png (copy1)

EthiCAL hackInG in 3 stEPS

1. Clear agreements are made about what exactly is to be tested.

2. The penetration test(s) are started. All functionalities of an application are scrutinized.

3. A detailed report documents all findings: what impact they have and how likely the business applications are to be exploited. When it comes to critical vulnerabilities, we are contacted immediately and can guide the client to a quick solution.


THE 13 SECURITY RISKS FOR 2021

2020 was the year of corona and hybrid working. But also the year of phishing and ransomware, because cybercriminals found huge gaps in home network security. The healthcare crisis is therefore defining the security landscape of 2021.

DISCOVER THE RISKS

5 questions on ethical hacking

"Ethical hackers look for the security holes in websites, mobile applications, and (wireless) corporate networks," explains Sander Van der Borght, ethical hacker at Davinsi Labs. "We use the same tools and techniques as malicious hackers and report any vulnerabilities we find. We also run phishing campaigns to build and measure user awareness. End users remain a very vulnerable link. In this way, we help companies to protect themselves against hackers with bad intentions.”

1. WHAT IS ETHICAL HACKING?

2. SECURITY SCANNERS OR ETHICAL HACKING? 

"The human brain still reasons better than a computer and can think out-of-the-box," explained Sander. "Automatic scanners do not take the operation or context of an application into account. They are an added value because they can scan many assets and large volumes in a short time. However, they provide no guarantee about the quality and depth of the results. For example, we might find a vulnerability that allows us to create a user with more rights than originally allowed. Or we are able to look into orders or invoices of other people. These types of vulnerabilities are very serious and are called business logic vulnerabilities. A scanner does not find these kinds of vulnerabilities and as a result a lot of things stay under the radar. If you want to be compliant, you need to have penetration testing done.”

Sander: "One test unfortunately does not give a conclusive guarantee that your policy is foolproof. Hackers invent new tools and techniques every day. So what is secure today may have a critical vulnerability tomorrow. It is therefore important to do penetration testing regularly. It is best to start early in the development phase to have the code of your application tested and then preferably at each major change (of code and/or infrastructure). This way, you can solve problems before they occur.” 

3. WHEN IS IT BEST TO HAVE YOUR COMPANY ETHICALLY HACKED? 

The 13 greatest security threats of 2021

Proximus investigated cybersecurity in 122 Belgian SMEs

90
%

of businesses are worried about possible attacks

19
%

were the victim of a cyberattack in 2019

43
%

of the attacks occurred via phishing

Ethical hackers use the same techniques as rogue hackers to expose and repair vulnerabilities in your cybersecurity. Sander Van der Borght and Stephen Corbiaux, ethical hackers at Davinsi Labs, explain.

4. WHAT ABOUT NEW TECHNOLOGIES?

"New technologies are no harder to hack than existing ones," says Stephen Corbiaux, ethical hacker and Solution Lead Vulnerability Management at Davinsi Labs. "Software continues to be developed by people and people make mistakes. The fact that the top ten threats from ten years ago are still burning today says it all. But if there is one category that is hugely vulnerable, it is IoT. It is impossible to put a number on poorly secured devices and devices that do not get security updates after two to three years.”

Stephen: "No, ethical hacking is indispensable in a good security strategy for SMEs as well. As a first step, we look at the crown jewels and infrastructure that are online. When an organization has sufficient security maturity in its external environment, internal assets are tested. This can be done through customized penetration testing, even for the smallest infrastructure or application.” 

5. CAN ONLY LARGE COMPANIES ARRANGE TO BE HACKED?

bg-cta
05-header-security-hr...

Ethical hacking

Cybersecurity

Davinsi Labs is a Proximus Accelerator and helps companies achieve Digital Service Excellence through specialised Security Intelligence and Service Intelligence solutions. In today's digital world, customers expect their data to be managed with the utmost security and they want a fast, flawless customer experience. As a Managed Services Provider, Davinsi Labs offers a portfolio of solutions to achieve Digital Service Excellence for the most business-critical applications and services.

image_61.png (copy1)

Ethical hackers use the same techniques as rogue hackers to expose and repair vulnerabilities in your cybersecurity. Sander Van der Borght and Stephen Corbiaux, ethical hackers at Davinsi Labs, explain.

5 questions on ethical hacking

"Ethical hackers look for the security holes in websites, mobile applications, and (wireless) corporate networks," explains Sander Van der Borght, ethical hacker at Davinsi Labs. "We use the same tools and techniques as malicious hackers and report any vulnerabilities we find. We also run phishing campaigns to build and measure user awareness. End users remain a very vulnerable link. In this way, we help companies to protect themselves against hackers with bad intentions.”

1. WHAT IS ETHICAL HACKING?

2. SECURITY SCANNERS OR ETHICAL HACKING? 

"The human brain still reasons better than a computer and can think out-of-the-box," explained Sander. "Automatic scanners do not take the operation or context of an application into account. They are an added value because they can scan many assets and large volumes in a short time. However, they provide no guarantee about the quality and depth of the results. For example, we might find a vulnerability that allows us to create a user with more rights than originally allowed. Or we are able to look into orders or invoices of other people. These types of vulnerabilities are very serious and are called business logic vulnerabilities. A scanner does not find these kinds of vulnerabilities and as a result a lot of things stay under the radar. If you want to be compliant, you need to have penetration testing done.”

Sander: "One test unfortunately does not give a conclusive guarantee that your policy is foolproof. Hackers invent new tools and techniques every day. So what is secure today may have a critical vulnerability tomorrow. It is therefore important to do penetration testing regularly. It is best to start early in the development phase to have the code of your application tested and then preferably at each major change (of code and/or infrastructure). This way, you can solve problems before they occur.” 

3. WHEN IS IT BEST TO HAVE YOUR COMPANY ETHICALLY HACKED? 

4. WHAT ABOUT NEW TECHNOLOGIES?

"New technologies are no harder to hack than existing ones," says Stephen Corbiaux, ethical hacker and Solution Lead Vulnerability Management at Davinsi Labs. "Software continues to be developed by people and people make mistakes. The fact that the top ten threats from ten years ago are still burning today says it all. But if there is one category that is hugely vulnerable, it is IoT. It is impossible to put a number on poorly secured devices and devices that do not get security updates after two to three years.”

05-bg-quote

“Ethical hacking is indispensable in a good security strategy for SMEs as well.”

Stephen: "No, ethical hacking is indispensable in a good security strategy for SMEs as well. As a first step, we look at the crown jewels and infrastructure that are online. When an organization has sufficient security maturity in its external environment, internal assets are tested. This can be done through customized penetration testing, even for the smallest infrastructure or application.” 

5. CAN ONLY LARGE COMPANIES ARRANGE TO BE HACKED?

05-bg-gevaren
90
%

of businesses are worried about possible attacks

19
%

were the victim of a cyberattack in 2019

43
%

of the attacks occurred via phishing

EthiCAL hackInG in 3 stEPS

1. Clear agreements are made about what exactly is to be tested.

2. The penetration test(s) are started. All functionalities of an application are scrutinized.

3. A detailed report documents all findings: what impact they have and how likely the business applications are to be exploited. When it comes to critical vulnerabilities, we are contacted immediately and can guide the client to a quick solution.


Proximus investigated cybersecurity in
122 Belgian SMEs

image_66.png (copy1)

Zero-trust security turns the logic you know on its head. Everything and everyone is suspect, including your internal traffic and your own employees. Ban everything and only allow what must be. The best thing is to draw up a security plan based on the worst-case scenario. Your greatest challenge is to think carefully about who among your employees should have access on which device, and to which networks, applications and data.

Zero trust:
trust nothing and no-one

The 13 greatest security threats of 2021

One magazine

Both large companies as well as SMEs face similar challenges of digitization. That is why we have joined forces and can now offer you an updated magazine: One, about smart entrepreneurship in a digital world.
Fullscreen

This publication uses cookies

We use functional and analytical cookies to improve our website. In addition, third parties place tracking cookies to display personalised advertisements on social media. By clicking accept you consent to the placement of these cookies.