IT Centrs
SIA IT Centrs was founded in 2000 and since then has provided IT security consulting, audits, testing and training for clients in Latvia and abroad. We also develop technical specifications and work tasks for IT system purchases.
Our enterprise is one of the leader companies in IT security business in Latvia and works alongside international companies.
The team
The team works together in penetration testing and IS security consulting projects for more than 6 years and all are full time employees of IT Centrs. Consultants have all necessary certifications to perform information systems audits: CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), ISO 27001:2013 (Information Security Management Systems Auditor / Lead Auditor), OPST OSSTMM 3.0 (OSSTMM Professional Security Tester), EC-Council CEH (Certified Ethical Hacker).
The team members regularly take part in NATO Cooperative Cyber Defense Centre of Excellence organized trainings for government IS professionals as Red and Blue Team members. The task of Red Team is to penetrate IS systems secured defended by members of Blue Teams.
Penetration tests
Web application penetration tests according to OWASP Testing Guide and Application Security Verification Standard (ASVS), including testing for:
Cross-site scripting,
Information leakage,
Content spoofing,
Predictable resource location,
SQL injection,
Insufficient authentication,
Insufficient authorization,
Abuse of functionality,
Mobile application tests for Android and iOS applications according to OWASP Mobile Security Testing Guide (MSTG) and Mobile Application Security Verification Standard (MASVS).
Security testing for IoT devices.
Infrastructure penetration testing. .
Read-team and social engineering tests.
Regular security scanning and log monitoring.
Information security audits
ISO 27001 compliance,
State information systems audits ,
Audits according to The Financial and Capital Market Commission requirements.
Training
Introduction to information security for IT personnel
Secure web application development and web application security for developers
Advanced web application security
Wireless security