Main Logo - Pilatum

YOUR PENTEST, SECURITY ORCHESTRA, SEC-OPS PARTNER

MORE

Our Mission

The number and severity of cyber-attacks have increased significantly over the past decades. All businesses are exposed to cyber threats and most multinational organizations have already suffered significant financial losses and reputational damages linked to attacks like:

  • Denial of Service (DDoS, Ransomware, ...)
  • Data Leakage
  • Fraud (ERP Tampering, CEO Fraud, ...)

For these reasons, protecting companies' information and assets is a key element to ensure long-term viability and competitiveness. In the current context, with an ever-increasing number of connected devices and equipment and the threat scenario continuously evolving, achieving this goal is getting more and more complex and demands more and more resources.

Our mission is to support our clients in their efforts to guard their business against those threats. We provide expert advisory services to design tailor-made security concepts for our customers, and highly technical offensive security analyses to test them in depth. Our focus lies on security advisory and assessments, we also provide vendor-agnostic recommendations for 3rd-party services and solutions to truly address our clients' needs.

Our Team & Expertise

Our team is composed of passionate experts in various fields of IT Security. To ensure independent and focused results, we split our service portfolio into two areas:

CORSEC
Advisory services for Security Operations and management-oriented drawing on our extensive experience in SOC, risk management and regulatory compliance.
THACKTICAL
Technical consulting and offensive security audits with a strong focus on ethical hacking, penetration testing and red teaming.
The two teams work very closely together enabling them a common growth and deeper understanding of the security landscape. Together, CORSEC and THACKTICAL join forces to provide training, purple teaming, incident response, threat hunting and security research.

Services

CORSEC

SECURITY OPERATIONS

Design or review Security Operations processes, in order to improve, companies' incident handling capability, from detection and triage up until lessons learned through efficient and proactive containment measures.

MSSP EVALUTATION

Evaluation of 3rd party Managed Security Service Provider’s offering such as: SOC as a Service, Endpoint Detection and Response, Log Management; supporting before the selection process as well as during the setup and delivery phases.

SOC USE CASES

Design and implementation of detection measures and triage processes to enhance SOCs detection and response capabilities with a strong focus on business risks.

BUSINESS CONTINUITY

Review or design of technical measures in order to enhance the resilience of IT-connected business processes against disruptions and create disaster recovery capabilities.

SECURITY MANAGEMENT

Design, review or implementation of security policies and controls to reach regulatory compliance (ISO 27001, GDPR, PCI-DSS, etc..) or improve the overall company’s security posture.

MARITIME RISK ASSESSMENT

Assessment of the cyber risks specific to the maritime industry in order to meet compliance with IMO Resolution MSC.428(98). requirements.

THACKTICAL

WEB APPLICATION AUDIT

In-depth analysis of web applications following recognized testing methodologies such as OSSTMM and OWASP WSTG.

MOBILE APPLICATION AUDIT

In-depth analysis of Android mobile applications following the OWASP MSTG methodology.

NETWORK SECURITY ASSESSMENT

Analysis and evaluation of the security risks related to internal and internet-exposed assets through scanning and penetration testing.

SECURITY ORCHESTRATION

Enhancement of the detection and response capabilities of Security Operation Centers (SOC) through automation and the use of IRP/SOAR platforms.

CODE REVIEW

Review (manual and automated) of application's source code in order to identify security-related weaknesses and deviations from code security best practices.

CONCEPTS REVIEW

Design and review of IT solution architectures or processes prior to their implementation.

PILATUM (CORSEC & THACKTICAL)


Joint work between the two teams

THREAT HUNTING

Analysis of infrastructure, applications and network information in order to find known and unknown artifacts or indicators of ongoing attacks as well as operational procedures (TTPs) typical of threat actors.

INCIDENT RESPONSE

In-depth analysis of security breaches in order to understand scope of an incident and its root causes to prepare efficient mitigation and containment measures.

PURPLE TEAMING

Deployment of common and advanced threat scenarios in real environment to evaluate, build and improve detection and response capabilities as well as protection measures.

TRAINING

Tailor-made security training sessions on different topics ranging from technologies and processes down to generic awareness, intended for different audiences.

Contact

PGP 4096 If you wish to encrypt your email, please use the following PGP key:
-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBGQLu9EBEADIzFI0KusagH/kPLgko0LbpNojpVfcgzELvV/AwMXNW4jHgLWr
fz4JKdOECIK8UYlZtxu8Zd8Her0l5hpH/yOvxt6K5dKtwt66+qh1aAxOFJEOQiRn
ucnECsUx1mRHqY2EvFzpRfQxOJcICvPI/4XrJukUKnqcN1aBaoJ9lv1CoX3Wla0J
D+IG8YT71pXfAMiLSadYa50qKxTRswnQdSSCGa2Rmmb4LWg8Cwh0pt+v4doZm3qZ
5hgLXui00rnXQVLl6e90gG3+IvfMg9SP0k8aVGYJB4OsjlwVF6QrEyShj2W7Hhxf
tP8KbDLOo+igdNZOlEwoVplUMVDlIVSutMH+KriGzbb5C6f/5BxYnxK4fwXmPEPd
tYNE9ec8Vth7harU6f+9/DeVA1/4pehRhDD/KyUEn5uRR5XnCJe5R1d4GAzanKkt
XLENLEfW6S6EbiX8ZyApIdo9yZisIozmUY5Umlr0MC5tkYSNGGnQ8PPPjwRRC+5H
mCMwC4P3OgKEMB8hYGQNrUc8qmpexdi5ICPQtm7eO14fr1itaLTMWhEZh8LVwYkH
eX6rk24Wrk7eOrd4iYPgVwU2Ja+E1lqBpXg+wxkdQ5nexQOAuIYTyXBJwcqJneSs
zu+Ne65gnfacyL9zGXODv9Wxhn9LLROzCZ+BqBoHszHppGC9WbimcrymawARAQAB
tDtJbmZvIC0gUGlsYXR1bSBJVCBTZWN1cml0eSBTZXJ2aWNlcyBHbWJIIDxpbmZv
QHBpbGF0dW0uY29tPokCVAQTAQoAPhYhBJxamwVX1g082K7AmxQSkk3vbPP7BQJk
C7vRAhsDBQkFo5qABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEBQSkk3vbPP7
w+UP/3IyT8S+9amUFR/76mqVJJJLshXRJSG06jsGnb/0Zf+L1La47aWChtqrTarB
IFGWEM0FvnymRtWYPO9+MY6HCHcdbmCbryq3QMGkK0DjraNQVko6iUl2U9ExXon0
gvucTnU60rr4j/6PJbXRB4CiQlzvy3XdeQBt5EYliQxVq5lELrB2E29BVsGA/civ
dPlEf+xmXlZzkblleyzdEuL6qm6zOfv+JN6haW+1gSSYfRQbiheVTAfYY3ick0jy
fRcac6Oq7dDqB6GPs/4Kz5Td/XNbO75fTXTS4G5Eq386LBMZOiCkwAtRkuhaB9DV
V3xYZcYR4o6CoqvZL2yqgg5JIV+rdQlaI5K5IH9f4EBoeLPbTpKUoOrOVsI6h51H
MGqIK+Xe3TWvasDPtKlOJvSZ9buq5cWWl7bsI9JNuX+9k5KKUqRH6SVN0K8N/c3z
8eq6nQnygIKSATFtxiLomY8UxCPhMuxXRR5KFNnI+J/6VL1Arf8ua9uiwQNQqZV6
8rahyCDAuo+ZD0Mdk5PitGVoqKoXiQ+zt/2TpFUQjArsyqvyPhDUvA4a4Tq/VaxR
D1wKMwfIPQK6iIW+Dy+CpdAfN3COJpbG7o6jBL691KOOYoe933DSNjopcC+mTLvN
qyK7K4A34wvpkgY3ib4UQuCsuXYmQR7rtPwB2wFmzNjOk65SuQINBGQLu9EBEADI
5lxV35hhR1KjleNXx5ZFFmBtDKYQo5HM7eS5JldvYPgunUarCM4LuuCPaq2HcAQ2
8jtJ1gdRSwFzpOWMc5Mv00BOnIMNh/wvSy+Zsy2vBP3fWoGn8TLakpDmrTA9pYPt
nlva7f2z5ICn/Did6jKJBQSab6bNgwrgym77I3GUc3/7TPCDsNNkHOQLVedkEbBb
VIRT3O5b5Y94XwUOChJPUwMHzrXy/x9VeFsmSyEMG/PH3R7IbtEG6y06SCwWLIIq
Am2eQXUAelHEBv/rjExXaDVQLqaFN+OKNVz4Rm/Rxx/KAutGWJSiJcH+zAh5WKI8
7gu8r+/Q6Rkjqq1mDNjFLZ3EKjOpWEKBURXH0+X/FwR0NZB2MrRrjtB/9/el4qIF
0Wq0qPXBWe6azkvnDDCPNUYfQkl5PEQyYxA31GW3Yea44vNuANJkebv7zHxLagxA
XWqtP4H6rRH3ulSqf7Rjej9I/ZVVe7tIZ/tHds5bR0w4Mx98jg39YsNCow27fv2s
KhfaSCdvDWp4Nzb4lJJTV9Lzfi479wX4iVLS+20OeKYCbFG3QQnDnemBc5ypYRew
fFSiSkp6l9lSyq8Yw/xh3Dd+BB25wLQBU3bp0EJWui8uWp42Kp21Mvrejt0ymKK1
eWUYwEjxbLH2ADM1EFU1Ksd/y6CgqoVPn640Iz7zLQARAQABiQI8BBgBCgAmFiEE
nFqbBVfWDTzYrsCbFBKSTe9s8/sFAmQLu9ECGwwFCQWjmoAACgkQFBKSTe9s8/ud
Xg//ayFnvWDoC9MMT2807X4X9huLPPDRRoZCOghhFc6rj6yIFa3wtjE4IQlAxvK1
tdjiklX6sdWdIKgwDiW9PPNYgcy9F5uJm4XwJgzPEKU8W17chBwdef3rC6saig21
RQOfciPqFIuEj5ky9zPCkeRCA/VYWvKrtaXLXWWQRDg6kcntLqwmtXS6UWD67a8c
AkU3Et0JcTHoBkJi/4HqBdH+uDdTmYrAXhu/ivicWwWCR0s7nYsIET0vXFE6gJQo
N/g2gP9Scmz1AgQgxsUTEzmFEbLnepdpPGJl7GoDzUDQSuxONnQYJC2yKg7EJpTl
MhI9vMoSce4euV0+TOWbUNrpnNfe6TQ0sAadGMeRAYZ6OwChiVWuspyQlwoNMhEp
paejkaA9p1wZfXVvn3RWklp2x22hbKHu4BtHkNd28SH+SL1XhpKRFgOfhEFYFz1/
cFP2chFQ3A3xe5p5ngX9BpZyUsMVCLB4o57N3MMlNnXMmp8hoaQGkv1HxAIbHz3u
DaVtBXJBvHfbgSK7phopd7UKE38JvqL1v7iWKJfQ0QoUKeSu+r54qYImEXlRBfUN
tlspuWqJ7uaJ+faN7X6zq/mSiz1qzJQXXXEQVf66qGWgaxn2m9y08MQ/2Ph0L6dA
+hyX1ephDxjT6BxFr8N57MVNkuVYjUsHCMPo07F+OCY9NBM=
=e+gE
-----END PGP PUBLIC KEY BLOCK-----

PILATUM : Your Trusted Partner

Please do not hesitate to get in touch. We will be back to you as soon as possible.


Contact

Email: [email protected]

Address: Pilatum IT Sеcurity Servicеs GmbH
Bachtеlstrassе 15
8307 Еffrеtikоn


Business Hours

Monday - Friday: 8am to 7pm Saturday - Sunday: Closed


UID: CHE-306.589.975