With the procedure of Threat Detection & Analysis, the Data & Network Security Department of P & P INVESTIGAZIONI S.r.l. is able to detect and analyse possible hostile hardware or software devices (as for example worm), potentially suitable to damage or to forward to the outside sensitive data present in the operating systems affected by threats.
The Social Engineering is a set of psychological techniques that the Social Engineer uses with the intent to induce, with a trick, the addressee to carry out determined activities (such as for example the release of access codes, the opening of malicious attachment or of a website containing dialler, etc...).
The attack foresees a first stage, called footprinting that is the gathering of information related to the victim (e-mail, telephone numbers, ecc…) and the following appraisal of their reliability. When the victim will be caught in a snare, driven by the trust for the Social Engineer, this one could access to the computer system and so could violate it.
To fulfil this activity, computer skills are not required as it is sufficient to know the psychology of the person (it is moreover possible that the usual instruments of computer intrusion have been - without success - already experienced): the Social Engineer, in fact, appeals on some sensations of the victim, such as the guilt, ingenuity or ignorance.
With the service Code Review, the Data & Network Security Department of P & P INVESTIGAZIONI S.r.l. detects the possible vulnerabilities within a source code, in this way it could limit the costs deriving from the production of the related programme.
The activity consists in a first analysis of the application, through the simulation, by means of tools, of the code execution and so by the detection of the possible vulnerabilities. In a second stage, there will be take into account the one that are not possible to detect during the first stage.
With the service Security Evaluation, the Data & Network Security Department, making use of very competent technicians, attests, in lab environment, the degree of security related to the applications, process, hardware and software platforms, through the identification of the possible vulnerabilities, and the fulfilment of the safeguarding procedures already existing by the side of the employees.
Through the IT Risk Management, the Data & Network Security Department of P & P INVESTIGAZIONI S.r.l., detects the risks (vulnerability, threat, ecc…) deriving from the investments of the company in the IT field (the so-called Risk Assessment) and defines the best strategies to control them (the so-called Risk Treatment), extending in this way the level of security that an IT infrastructure requires.
The service of Security Audit is a technical assessment, that requires the combination of Penetration Test and Risk Assessment activities: this is basically to identify with accuracy the vulnerabilities that are present in the computer system, through a punctual improvement of the technological controls performance, and to develop in this way the arrangement of evaluation of the risks in it present.
The staff specialised of the Data & Network Security Department of P & P INVESTIGAZIONI S.r.l. offers services of consultancy dealing with any of the contents regarding the IT security, in other way not classified in the field of the services described.