We analyze security as a whole, taking into consideration the specifics of the industry and business objectives of the company.
Evaluation of the security posture
The scope of our work is usually a combination of the following services in three main areas:
1) Application:
- Application penetration tests (web, mobile, thick client)
- Application source code reviews
- ERP system security assessments
- Evaluation of the system design from a security perspective
2) Infrastructure:
- Analysis of security architecture
- Internal and external vulnerability tests as well as penetration tests
- Evaluation of security configuration of infrastructure elements
- Analysis of device security (IoT/IIoT)
- Physical security tests
3) People:
- Analysis of the maturity of processes and organization security
- Compliance reviews of the organization and processes with applicable regulations
- Verification of employees’ vulnerability to social engineering attacks
- Verification of the effectiveness of security monitoring and incident response functions
Our services bring, among others, the following benefits:
- Reducing operational risk by identifying weaknesses in the security of the tested infrastructure and applications as well as providing the possibility of improving the cybersecurity processes and organization.
- Confirmation of due diligence, for the regulatory and supervisory authorities, through a security audit performed by an independent and recognized by the industry team of experts.
- Improving the competence of employees in the field of cybersecurity, thanks to the cooperation with an experienced advisor, who is open for knowledge transfer.
Submit request for proposal (RFP)
Learn more about how KPMG knowledge and technology can help your business.
Click to start
