Cyber Security
Assessment and testing laboratories, proprietary technologies for threat analysis and data FUSION and specialised vertical cyber-intelligence expertise
Cyber Security
The Unit is equipped with specific resources, both human and infrastructural, capable of supporting requests of different types and with extremely stringent requirements. This convergence has led to new solutions enable to address specialized requirements that complement existing market offerings. The resources deployed are aimed at both defensive and offensive activities.
In the Cyber Security domain, activities are divided into 4 areas:
- Proprietary Technology Development
- Cyber Space Operation
- Security Assessment Laboratory (LVS), accredited by ACN (National Cybersecurity Agency) - OCSI
- Accredited Testing Laboratory (LAP)
Operational activities support customers in completing tasks related to the Cyber domain and in effectively using the solutions that are developed and implemented.
The laboratories, relying on precise ACN (National Cybersecurity Agency) regulations, focus on ICT secuirty testing performance and on the different types of Software.
The Security Assessment Laboratory aims to certify products according to the Common Criteria standard (ISO 15408:2022).
The Accredited Testing Laboratory operates to carry out the testing of all devices which are intended to be deployed on government networks or on the infrastructure of the National Cyber Security Perimeter. The performed tests are both functional and invasive and aim to find out the security and risk level of the device, both software and hardware.
The assigned personnel has proficient expertise in penetration testing, code development, reverse engineering, bypassing of security measures, analysis of structured or unstructured data and red teaming ops.
Related features
Malware Analysis
Malware represents a major threat within the IT landscape, making the implementation of sophisticated prevention techniques essential. Malware analysis focuses on examining anomalous code through static (SAST), dynamic (DAST), and interactive (IAST) methods to identify its structure, functions, and behaviour. To determine the security impact of a given sample, specialised reverse engineering activities are also performed to extract information useful for understanding the characteristics of the malicious code and identifying the necessary remediation measures.
Cyber Data Fusion
Tools capable of extracting meaningful information, from networks and systems (events, PCAP logs and data of any nature), are essential to address the challenges posed by a world in which hybrid threats are multifaceted and difficult to detect. In this context, a key element is the ability to fuse large volumes of data (Big Data) and perform subsequent analysis by integrating multiple innovative technologies, including Artificial Intelligence (AI). Identifying new vulnerabilities requires an integrated approach that leverages tools and methodologies developed through years of experience by those who have made prevention their mission.
Cyber Threat Intelligence
An intelligence tool designed to identify multiple vulnerabilities within an organization and adopt specific defense strategies against potential cyber attacks. This activity, especially intelligence gathering, is conducted through the use of multiple sources, and the resulting information assets are shared across the entire structure. Therefore, the ultimate goal is to provide actionable information about risks arising from current and emerging threats, especially within networked environments, where organizations are interconnected to conduct all or part of their business activities.
In this scenario, many threats can remain hidden within information systems for extended time. Hence, there is a need for a tool capable of performing comprehensive understanding the data collected about potential threat, providing aggregation, interpretation, correlation and analytical capabilities.
Analysis and Testing Laboratory
The "Analysis and Testing Laboratory" is designed to operate in accordance with the latest ACN guidelines for the verification and control of the security assets used in national infrastructures. The Laboratory supports Institutions, Entities and Large Enterprises during technological transition phases as well as in the development and consolidation of their infrastructures.
Security Assessment Laboratories
Accredited by OCSI, the Security Assessment Laboratories perform evaluations of products/systems or protection profiles according to the National Scheme and under the supervision of the Certification Body. They also provide customer support and training activities on information security issues in general and on evaluation techniques in particular.
Training
Thanks to its Academy, which has been active for many years, IPS also offers training courses in the field of Cyber Security, delivered by certified and experienced personnel.