Cybersecurity
Forward Global has over 120 information systems security engineers and experts. Our cybersecurity practice enables us to ensure the continuous protection of our clients’ information assets, conduct security audits, secure applications, and respond to incidents. Our experience allows us to engage in cybersecurity training and awareness-raising for a wide audience, as well as to devote a significant amount of time to R&D and technical innovation.
+ 1,500
Over 1,500 security audits conducted annually across all sectors
+ 120
Over a hundred engineers, analysts and technical experts across the group
+ 200
Over 200 clients supported every year (multinational companies, SMEs, government ministries, local authorities)
Services
Cyber Security Incident Response (CSIRT)
Anticipating and Preparing Incident response and Crisis Management
- Assessing organizational crisis management maturity level
- Developing and assessing response procedures and mechanisms in conjunction with organizational and decision-making teams
- Testing response capabilities
- Threat Hunting, analysis and reverse engineering of malicious code and research into indicators of compromise
Reacting in the Event of a Compromise
- Assessment and processing of alerts
- Removal of doubt and forensic analysis
Computer Forensics
- Researching the attack process
- Identifying the vector and date of compromise
- Analysis of attackers’ modus operandi
- Estimation of potential data leaks
Crisis Management and Disaster recovery
- Crisis management and communications support
- Remediation support
- Regular supervision to prevent future malicious acts
- Detection of post-incident data leaks
- Recovery of encrypted data (ransomware)
Developing Forensic Tools
Cybersecurity Risk Assessment, Audit & Certification
Conducting Security Audits
- Penetration tests
- Red Team audits
- Product audits
- Architecture and configuration audits
- Review of security procedures
Conducting of Application Audits
- Source code analysis
- Reverse engineering
- Secure development
Conducting of Industrial System Security Audits
- Industrial network/IT network leak-tightness audits
- Programmable local controller (PLC) audits
- IoT audits
- Embedded systems audits
- Sensor-based systems audits
Reverse Engineering of Malware
- Ransomware analysis
- Banking malware analysis (Dridex, ZeuS, Flokibot, etc)
- State-sponsored and APT malware analysis (Duqu, Longhorn, BlackLambert, etc)
- Memory-only, fileless malware analysis (using mainly PowerShell)
- Analysis of specialized malware (Malware PoS,
- Malware SWIFT, ATM, etc.)
Cyber Due Diligence and Risk Assessment for M&A transactions
- Mapping of assets exposed on the Internet
- Cyber maturity assessment of acquisition targets
- Post-closing integration security assessment
- Audit of the technical framework for secure negotiations
Cyber Threat Intelligence (CTI)
Mapping, Analysis and Monitoring of Criminal Ecosystems
- Attack claims and detection of attack warning signs
- Monitoring of illicit markets and resale of fraud techniques
Mapping of Exposed Services and Shadow IT Detection
Detection and Monitoring of Sensitive Data Leaks
Cyber Risk Management & Strategy
- Analysis of technology-related regulatory and legal issues
- Mapping of public and private sector actors
- Analysis and opening up of international markets
- Technical and operational foresight studies
Cryptocurrency & Web3 Investigations
Audit & Investigations: Off Chain
Audit and investigations of infrastructures related to the Blockchain (servers, protocols)
Organizational audit and investigations to assess security controls within Blockchain processes
Architecture, Configuration and Cryptographic audits and investigations
Audit & Investigations: On-Chain
Smart Contract audits and testing
Ownership audits
Flow transfer audit
Asset Tracing and Intelligence
- Cryptocurrency and NFT asset tracing
- Wallets under sanction checking
- Expert testimony on issues to Cryptocurrency and Web3 fraud
Cybersecurity Awareness Training
- Preparing and running crisis management exercises simulating real-life conditions
- Deployment of digital training sessions (e-learning) for employees or cybersecurity experts
- Practice-based awareness-raising and knowledge transfer for stakeholders
Forward Global’s dedicated entities
Our cyber subsidiaries
Our laboratory for processing and recovering sensitive and large datasets
Our platform for real-time offensive assessment of web application security
Our SaaS cyber training platform
Our SaaS cyber mapping solution
Services