Latest news.
Cybersecurity Services
Offensive Security
Our Offensive Security Services helps our client to identify potential risks, namely, Technical Vulnerabilities through one-off or Persistent Penetration Testing (KEEP-IT-SECURE-24), on top of this, Devoteam Cyber Trust also provides recommendations and support to mitigate the identified issues.
Consulting
We support our clients in the implementation and adoption of controls used to effectively reduce the risk. Based on the deep knowledge and experience of our team we help companies to implement Information Security Management Best Practices and Standards.
Cybersecurity Engineering
Our Cybersecurity Engineering practice provides an integrated solution that not only helps our clients determine the weaknesses of the technological and procedural aspects, but also to define and guide to its resolution, in accordance with the best recognized information security practices.
Training & Awareness
Organisations tend to invest in Technology and Processes but the weakest link is People. Thus, it is essential to assure the balance between these three elements of Information Security.
A team can only feel good about its clients if it feels good about itself. At Devoteam Cyber Trust we give utmost importance to knowledge sharing, good working environment and healthy competition to obtain the maximum performance in what we do.
Devoteam Cyber Trust is essentially supported by a group of Expert and Senior professionals who are able to work in every area of focus due to a combination between their expertise and relevant Internation certifications.
MSc in Information Security (Royal Holloway)
PostGraduate in Information Security (Royal Holloway)
Certified Information Systems Auditor (CISA)
Certified Information Security Manager (CISM)
Certified in Risk and Information Systems Control (CRISC)
ISO 27001 Lead Auditor
Certified Information Systems Security Professional (CISSP)
Information Systems Security Management Professional (CISSP-ISSMP)
Offensive Security Certified Professional (OSCP)
GIAC Penetration Tester (GPEN)
eLearnSecurity Web application Penetration Tester eXtreme (eWPTX)
ITILv3
Offensive Security Web Expert (OSWE)
PCI QSA (Qualified Security Assessor)
We can´t keep fighting current and future threats the same way we used to in the past.
Constant threat evolution and information technology dynamics, compels for a constant adaptation
of practices, tools and approaches in the Cybersecurity world.
Capitalizing our experience, know-how and acknowledgment of current requirements, Devoteam Cyber Trust has
in its DNA the need to constantly create new and innovative approaches that can bring added-value.
We are a certified company that is focused on protecting its client's information and providing a world class service based on Industry Standards and best practices.
International reference and standard in Information Security Management. Its principle is to
adopt a set of requirements, processes and controls to properly manage organisation risk. The goal of
the accreditation has been the protection of our clients projects information.
Read more
We are the only Portuguese company approved by CREST concerning its Penetration Testing
services, that take into account all the Technical and Management issues of Penetration Testing.
Read more
International reference and standard in Quality Management. The scope of our certification
has been Consulting, Auditing and Advisory in Information Security and Implementation of Management
Systems.
Read more
We undergone a process of accreditation with the Portuguese National Security Cabinet
(PNSC) to meet customer requirements and requests regarding the access and handling of
classified
information.
Read more
Integrity S.A. was recognized by PCI Security Standards Council as a Qualified Security Assessor (QSA)
certified entity, being our team of qualified consultants now capable of auditing companies’
processes associated with payment card transactions independently, in accordance with the PCI-DSS
global security standard.
Read more
We submitted to the accreditation process by Bancontact for payment security assessments in mobile applications under the Bancontact approval system.
Read more
International standard addressing Private Information Management Systems. Its principles involve defining requirements and providing guidance to assist businesses in managing privacy risks related to personally identifiable information. The scope of certification aims to protect customers' personal data and ensure compliance with privacy regulations.
Read more
We are accredited by the European Payment Initiative (EPI) to conduct security assessments of Wero, the mobile digital wallet, specifically for mobile payment applications, in compliance with the EPI Scheme.
Read more
We provide service to a considerable number of large and medium-sized companies both at a national and international level. if you wish to find more about our references and projects, we will be happy to arrange a meeting with you.
Banking and Insurance
Retail
Aviation
Industry
Energy
Healthcare
Government
Service Organisations
Transportation
Information Technology
Telcos
Entertainment
Currently we provide services in more than 20 Countries over 5 Continents.
TL;DR Apple’s iOS IKEv2 VPN On Demand may leak traffic when it is unable to establish an IPSEC tunnel to the defined VPN gateway. We’ve reported this to Apple, and after analysing it they didn’t consider it a security issue. Details VPN On Demand is a feature from iOS (and OSX) that allows the enforcement of a specific set of rules when the connection being used by the iOS device requires a specific VPN connection in order to...
This article summarises the discovery and analysis of the XXE vulnerability in Apple iOS Office Viewer (CVE-2015-3784). It assumes the reader already has a basic understanding of XXE attacks. Also, tests are performed on a jailbroken iOS device for...
A vulnerability in the guest network web interface of the Belkin N750 DB Wi-Fi Dual-Band N+ Gigabit Router with firmware F9K1103_WW_1.10.16m, allows an unauthenticated remote attacker to gain root access to the operating...
