Information security

We provide the full spectrum of information security services: from technical audits and pentests to designing protection systems compliant with FSTEC and FSB requirements.

Our specialists have experience with personal data under 152-FZ, government information systems, critical infrastructure and banking systems.

What's included

FAQ

What does a technical security audit include?
Network analysis, server configuration checks, vulnerability scanning, access policy review, code analysis. Result: a report with prioritized recommendations.
Is 152-FZ compliance mandatory?
If you process personal data of Russian citizens — yes. This applies to the vast majority of commercial organizations. We conduct a compliance audit and help meet the requirements.
How long does a pentest take?
A basic web application pentest — 1–2 weeks. A full infrastructure test with social engineering — 3–6 weeks. Results include a technical report and executive presentation.
Do we need ongoing security support?
For GIS, banks and healthcare — we recommend permanent SOC monitoring. For smaller companies an annual audit and incident response is sufficient.
Do you work with critical information infrastructure (CII)?
Yes. We have experience with CII objects and requirements of 187-FZ and FSTEC orders. We help with categorization and building a compliant security system.

All Services