Home/Services

Managed Security Services

Fully-managed, outcome-driven, security services. Offload your management and technical team and focus on your core business.

Offensive services

NPT - Network Penetration Testing

Manual check of the effective security level of an IT infrastructure through the stimulation of techniques and procedures typical of an attacker. A NPT is finalized to the identification of undiscovered security issues that wouldn't be detected by automatic tools. Experience and creativity are summed to the usage of the most qualified methods, such as OSSTMM and OWASP.

NPT In detail
WAPT - Web Application Penetration Testing

Manual check of the effective security level of an IT infrastructure through the stimulation of techniques and procedures typical of an attacker. A WAPT is finalized to the identification of undiscovered security issues that wouldn't be detected by automatic tools. Experience and creativity are summed to the usage of the most qualified methods, such as OSSTMM and OWASP.

WAPT In detail
MAST - Mobile Application Security Testing

A Mobile Application Security Testing activity represents the simulation of an attacker against an application which is directly downloadable from the official stores (AppStore and PlayStore) or provided in an alternative way for internal use. Depending on the type of application and on the level of access obtained, the tester will try to modify the application flow and to manipulate and exploit the data saved locally and on the remote server.

In detail
EH - Ethical Hacking

Attackers don't follow rules and can operate in several different ways in order to reach their goal with minimal effort. Our Tiger Team will analyze the IT infrastructure, procedures, human resources and physical security of the client to discover the leaks and exploit them in order to perform a simulation, as much correct as possible, of what could happen in real terms.

EH In detail

Defensive Services

VA - Vulnerability Assessment

Execution of a series of non-invasive manual and automatic (through open source and commercial software tools) audits of IT infrastructure and web applications. A VA is able to detect possible known vulnerabilities. None of the services that we provide is merely automatic so our VA have a superior quality though keeping reduced cost and time.

VA In detail
CR - Code Review

Application source code analysis aimed to detect security issues and bad precises. CR allow us to detect the majority of vulnerabilities, since it is a White Box activity (where the client provides all the information that are useful for the auditor), even the ones that normally wouldn't be exposed during a WAPT o a NPT. Many of the vulnerabilities that we discovered in our research activity came from the analysis of the applications source code.

CR In detail
TRA - Training

We suggest different training and updating courses for web administrators, system analyst, developers and penetration testers. Training is a fundamental element to increase the security level and the teams awarness on the long run.

TRA In detail

Publications

A brief collection of publications, materials and presentations that our staff members produced and presented during their career.

This is a demonstration that IT Security is not just a profession for us but also a great passion.

Our publications

Research

Research is a fascinating activity that puts the computer security expert always against scenarios and challenges. For years, even through our non-commercial embodiment, ush.it - a beautiful place, we dedicated ourselves to the publication of advisories, exploit development and bug hunting.

Our researches

Certification and Training

Thanks to the experience gained during technical activities performed so far, the results of our research and our knowledge of IT Security issues and solutions, we are able to provide different training paths for those who are in position to execute offensive (auditor, penetration tester) or defensive (network administrators, developers) activities.

The Training

ISGroup SRL
Via Cantarane, 14
37129 Verona VR
CF e P.IVA 04164220230
REA VR-397513

Contacts

Social Network

© 2005-2025 ISGroup SRL. All Rights Reserved.

Sitemap  Privacy Policy  Cookie Policy

IQNET Certification ISO/IEC 27001:2022 Certification ISO/IEC 9001:2015 Certification

🎉 We want to talk to you! Book an appointment!