IT Centrs 

SIA IT Centrs was founded in 2000 and since then has provided IT security consulting, audits, testing and training for clients in Latvia and abroad. We also develop technical specifications and work tasks for IT system purchases.

Our enterprise is one of the leader companies in IT security business in Latvia and works alongside international companies.

The team

The team works together in penetration testing and IS security consulting projects for more than 6 years and all are full time employees of IT Centrs. Consultants have all necessary certifications to perform information systems audits: CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), ISO 27001:2013 (Information Security Management Systems Auditor / Lead Auditor), OPST OSSTMM 3.0 (OSSTMM Professional Security Tester), EC-Council CEH (Certified Ethical Hacker). 

The team members regularly take part in NATO Cooperative Cyber Defense Centre of Excellence organized trainings for government IS professionals as Red and Blue Team members. The task of Red Team is to penetrate IS systems secured defended by members of Blue Teams.

Penetration tests

  • Web application penetration tests according to OWASP Testing Guide and Application Security Verification Standard (ASVS), including testing for:

    • Cross-site scripting,

    • Information leakage,

    • Content spoofing,

    • Predictable resource location,

    • SQL injection,

    • Insufficient authentication,

    • Insufficient authorization,

    • Abuse of functionality,

  • Mobile application tests for Android and iOS applications according to OWASP Mobile Security Testing Guide (MSTG) and Mobile Application Security Verification Standard (MASVS).

  • Security testing for IoT devices.

  • Infrastructure penetration testing. .

  • Read-team and social engineering tests.

  • Regular security scanning and log monitoring.

Information security audits

  • ISO 27001 compliance,

  • State information systems audits ,

  • Audits according to The Financial and Capital Market Commission requirements.

Training

  • Introduction to information security for IT personnel

  • Secure web application development and web application security for developers

  • Advanced web application security

  • Wireless security