References

Data Center Security Audit

Client: AL Ahli International Bank – Lebanon

Date: 2009

Objective:

Work Accomplished:

Intranet Security Audit

Client: United Nations Office on Drugs and Crime (UNODC) - Lebanon

Date: 2009

Objective:

Assessment of the security level of the intranet established between three government sites.
Audit of the physical, network, system and application infrastructures of the intranet.
Audit of the internally developed application.
Assessment of the radio connections established between the different sites.

Work Accomplished:

Assessment based on ISO 27001 standard
Internal Penetration Tests from the local network: In order to identify the possibility for an attacker to compromise the confidentiality, integrity and availability of the Information System
Vulnerability analyzes on servers, networking devices and applications.
Analysis of the traffic passing through wireless links.

Security Policy Audit and Internal Penetration Tests

Client: Université Saint Joseph - Lebanon

Date: 2008

Objective :

Assessment of internal security policy and the level of security against intrusion risks.
Evaluation and analysis of the effectiveness and efficiency of the deployed security controls
Increasing the Actual level of Security.
Enhancing the security policy.

Work Accomplished:

Audit of internal security policy according to ISO 27002.
Perform External penetration tests through the Internet: Evaluate the risk of access to confidential information on the internal network via the Internet
Internal Penetration Tests from the local network: In order to identify the possibility for an attacker to compromise the confidentiality, integrity and availability of the Information System
Perform vulnerability scans on servers and networking equipment.

Security Awareness Seminars & Trainings

Client: ETIMCO/IRIS – Republic of Congo

Date: 2009

Objective:

Organization, preparation and presentation of Security Awareness Workshop on information systems security targeting the IT managers and Security Staff
Introduce the basic concepts of Information Systems Security
Introduce the risks linked to the emergence of new technologies.
Introduce the different types of attacks and their countermeasures
Provide a positive image of Ethical Hacking, showing that it can be used for good and legal purposes.
Provide a forum for exchange between professionals and enthusiasts to share knowledge and expertise in Information System Security
Allow the participants to practice their art in a legal framework.

Work Accomplished:

Security Assessment and Intrusion Testing

Client: Berytech Pôle Technologique - Lebanon

Date: 2008

Objective:

Review of the current Security level and intrusion risks, and definition of the Security baseline.
Securing the internal network of the company.
Definition of the internal security policy.
Risk Management

Work Accomplished:

Internal Penetration Tests from the local network: In order to identify the possibility for an attacker to compromise the confidentiality, integrity and availability of the Information System
Perform vulnerability scans on servers and networking equipment.
Risk Identification
Proposition of the internal Security policy Outline based on the ISO 27002 Standard
Assessment based on ISO 27001 Standard

Vulnerability Assessment and Intrusion Testing

Client: Ecole Notre Dames De Jamhour - Lebanon

Date: 2008

Objective:

Review of the current Security level and intrusion risks, and definition of the Security baseline.
Securing the internal network of the company.
Risk Management.

Work Accomplished:

Internal Penetration Tests from the local network: In order to identify the possibility for an attacker to danger the confidentiality, integrity and availability of the Information System
Perform vulnerability scans on servers and networking equipment.
Risk Identification
Assessment based on ISO 27001 standard