Audit & Assessment

Consulting & Integration

Detection & Incident Response

Training & Awareness

De par sa taille humaine, ses ressources expertes sélectionnées avec le plus grand soin et ses partenariats stratégiques, Brightway a un fonctionnement souple centré sur l’intérêt de ses clients et délivre des prestations de qualité. Convaincu que la sécurité ne doit pas être un service de luxe ou de seconde nécessité, tout est fait pour que les budgets des clients soient respectés.

« Give yourself the means to succeed thanks to our expertise »

Audit & Assessment

The first step towards securing its data is the knowledge of its information system, weaknesses, vulnerabilities, threats around it and risks to these shortcomings.

Knowledge of the Information System inevitably involves an audit of all or part of it, by means of:

  • Organizational audit
  • Process auditing
  • Compliance audit (to Security Policy and/or to regulation)
  • Technical audit of infrastructures
  • Technical audit of network and application security (source code audit, internal / external penetration test, etc.)
  • Employee maturity audit

Audit & Assessment

The first step towards securing its data is the knowledge of its information system, weaknesses, vulnerabilities, threats around it and risks to these shortcomings.

Knowledge of the Information System inevitably involves an audit of all or part of it, by means of:

  • Organizational audit
  • Process auditing
  • Compliance audit (to Security Policy and/or to regulation)
  • Technical audit of infrastructures
  • Technical audit of network and application security (source code audit, internal / external penetration test, etc.)
  • Employee maturity audit

Consulting & Integration

Once the weaknesses have been identified, Brightway provides support for security and / or infrastructure managers in order to establish priority action plans and put them into practice.

Examples of services that can be provided by Brightway teams :

  • Implementation of the documentary corpus : IS security policy (ISSP), Business Recovery Plan (BRP), Business Continuity Plan (PCA), Incident Response Plan (IRP), etc.
  • Study and proposal of secure IS architecture (on premise / Cloud)
  • IT infrastructure / Security project management ;
  • Installation of IS security equipment: firewall, IDS / IPS probe, etc.
  • Risk analysis

Consulting & Integration

Once the weaknesses have been identified, Brightway provides support for security and / or infrastructure managers in order to establish priority action plans and put them into practice.

Examples of services that can be provided by Brightway teams :

  • Implementation of the documentary corpus : IS security policy (ISSP), Business Recovery Plan (BRP), Business Continuity Plan (PCA), Incident Response Plan (IRP), etc.
  • Study and proposal of secure IS architecture (on premise / Cloud)
  • IT infrastructure / Security project management ;
  • Installation of IS security equipment: firewall, IDS / IPS probe, etc.
  • Risk analysis

Detection
& Incident Response

Once all the protections are in place, organizations must now acquire means of detection, analysis and response allowing them to detect abnormal behavior, to fight efficiently and quickly against cyber attacks while meeting the standards in force regarding security log retention.

As part of this operational security management, Brightway offers two operating modes:

  • The implementation and configuration of a security event detection solution within customer’s premises (vulnerability detection and remediation, event detection, qualification and classification of IS security incidents, response to IS security incidents, etc.), etc.
  • The provision of security event detection solution within the Brightway security operations center (SOC) which assumes the role of an information security event control tower and supports its customers in the investigation.

Detection
& Incident Response

Once all the protections are in place, organizations must now acquire means of detection, analysis and response allowing them to detect abnormal behavior, to fight efficiently and quickly against cyber attacks while meeting the standards in force regarding security log retention.

As part of this operational security management, Brightway offers two operating modes:

  • The implementation and configuration of a security event detection solution within customer’s premises (vulnerability detection and remediation, event detection, qualification and classification of IS security incidents, response to IS security incidents, etc.), etc.
  • The provision of security event detection solution within the Brightway security operations center (SOC) which assumes the role of an information security event control tower and supports its customers in the investigation.

Training & Awareness

It has become known that the weakest link in the information security chain is the human. On this basis, Brightway offers support to its clients in raising the IS security knowledge level by providing both:

  • Training for a seasoned audience in IT and even IT security. This training can be technical or managerial in several areas of IS security; some are intended to prepare professional certifications.
  • Awareness sessions for all employees using the organization’s information system without having much knowledge of data security: this can also concern business leaders, as they have access to and handle sensitive data.

« Ask for our training catalog or contact us for tailor-made sessions »

Training & Awareness

It has become known that the weakest link in the information security chain is the human. On this basis, Brightway offers support to its clients in raising the IS security knowledge level by providing both:

  • Training for a seasoned audience in IT and even IT security. This training can be technical or managerial in several areas of IS security; some are intended to prepare professional certifications.
  • Awareness sessions for all employees using the organization’s information system without having much knowledge of data security: this can also concern business leaders, as they have access to and handle sensitive data.

« Ask for our training catalog or contact us for tailor-made sessions »