Audit & Assessment

Consulting & Integration

Detection & Incident Response

Training & Awareness

By its human scale, its expert resources selected with great care and strategic partnerships, Brightway has flexible operation centered on customer interest and delivers quality services. Convinced that security should not be a luxury or second necessity service, everything is done to ensure that clients’ budgets are respected.

« Give yourself the means to succeed thanks to our expertise »

AUDIT & ASSEEEMENT

The first step towards securing its data is the knowledge of its information system, weaknesses, vulnerabilities, threats around it and risks to these shortcomings.

Knowledge of the Information System inevitably involves an audit of all or part of it, by means of :

  • Organizational audit
  • Process auditing
  • Compliance audit (to Security Policy and/or to regulation)
  • Technical audit of infrastructures
  • Technical audit of network and application security (source code audit, internal / external penetration test, etc.)
  • Employee maturity audit

CONSULTING & INTEGRATION

Once the weaknesses have been identified, Brightway provides support for security and / or infrastructure managers in order to establish priority action plans and put them into practice.

Examples of services that can be provided by Brightway teams :

  • Implementation of the documentary corpus : IS security policy (ISSP), Business Recovery Plan (BRP), Business Continuity Plan (PCA), Incident Response Plan (IRP), etc.
  • Study and proposal of secure IS architecture (on premise / Cloud)
  • IT infrastructure / Security project management ;
  • Installation of IS security equipment: firewall, IDS / IPS probe, etc.
  • Risk analysis

DETECTION
& INCIDENT RESPONSE

Once all the protections are in place, organizations must now acquire means of detection, analysis and response allowing them to detect abnormal behavior, to fight efficiently and quickly against cyber attacks while meeting the standards in force regarding security log retention.

As part of this operational security management, Brightway offers two operating modes:

  • The implementation and configuration of a security event detection solution within customer’s premises (vulnerability detection and remediation, event detection, qualification and classification of IS security incidents, response to IS security incidents, etc.), etc.
  • The provision of security event detection solution within the Brightway security operations center (SOC) which assumes the role of an information security event control tower and supports its customers in the investigation.

TRAINING & AWARENESS

It has become known that the weakest link in the information security chain is the human. On this basis, Brightway offers support to its clients in raising the IS security knowledge level by providing both:

  • Training for a seasoned audience in IT and even IT security. This training can be technical or managerial in several areas of IS security; some are intended to prepare professional certifications.
  • Awareness sessions for all employees using the organization’s information system without having much knowledge of data security: this can also concern business leaders, as they have access to and handle sensitive data.

« Ask for our training catalog or contact us for tailor-made sessions »