Vanderlog offers services in the field of cyber security. Its core services include anti-phishing and brand protection, penetration testing, secure source code analysis, network and system security auditing, malware and incident analysis, vulnerability and breach assessment.

Vanderlog offers the following services:

Penetration Testing

External penetration testing:

  • We use same attack tools, methods and tactics used by the attackers
  • We find vulnerabilities and misconfigurations before attackers
  • We prevent data breaches

Internal penetration testing:

  • We use “insider threat scenario”, covering both malicious actors in your system and disgruntled employees
  • We look for clues and vectors to hunt down already existing hacker footprints in your system

Malware and Incident Analysis

7/24 Service:

  • Quick response time
  • Report and IOC delivered less than 24h

Our reports contains:

  • Exactly what happened?
  • Impact of the attack
  • Ensure you’ve located all infected machines and files
  • How to measure and contain the damage
  • Find signatures for intrusion detection systems

Brand Protection & Phishing Training

We provide internet and social media monitoring:

  • We scan Internet regularly for phishing and malware downloaders
  • We have the power of using our well recognized in-house developed BEAST (Phishing Simulator tool)

We also scan for vulnerabilities:

  • Web, Mail and DNS servers
  • Remote access ports
  • Databases

We provide regular AI-based phishing campaigns:

  • to test your employees against real word phishing attacks offer statistics on which one of your employees are more likely to become a victim
  • provide state-of-the-art phishing training to educate
  • employees against real phishing attacks

Web Application Security Auditing

We identify the security risks:

  • caused by application-related software and system errors before the attackers

We report on risk and vulnerability:

  • recommendation on clear solution alternatives
  • necessary technical support for remediation

We use regularly updated tools and methodologies

Mobile Application Security Auditing

We identify risks caused by software and system errors related to the application:

  • performing static and dynamic security tests
  • approaching like attackers

We report on security vulnerabilities detected during testing:

  • technical assistance during fixing the security vulnerabilities?
  • validation tests after elimination of security vulnerabilities

Secure Source Code Analysis

We detect errors and hidden vulnerabilities in source code:

  • source code reviewed by latest automated tools and manual inspection, multiple reviewers and tools used

We report on security vulnerabilities detected during testing:

  • technical assistance during fixing of the security vulnerabilities

Network and System Security Auditing

We provide audit services through detection of security weaknesses caused by:

  • configuration mistake
  • policy violation or policy failures

Our methodology is based on NIST 800-115, PCI System Test Guide, PTES, ISSAF and OSSTMM

We provide:

  • Network and System Security Audit Methodology
  • Report on security vulnerabilities detected during testing
  • Technical assistance during fixing of security vulnerabilities
  • Validation tests after eliminating security vulnerabilities

VoIP/UC System & Application Security Auditing

We provide audit services through detection of security weaknesses caused by:

  • configuration mistake
  • policy violation or policy failures

Our methodology is based on penetration testing standarts including NIST 800-58

We provide:

  • VoIP/UC Security Audit Methodology
  • Report on security vulnerabilities detected during testing
  • Technical assistance during fixing of security vulnerabilities
  • How to measure and contain the damage
  • Validation tests after eliminating security vulnerabilities

All rights reserved @ DataLead Consulting