Analysis, Notification, and Alert Service (SANA) is the oldest and best considered service in Hispasec's history
SANA provides a complete alert system about software vulnerabilities, updates and patches regarding security, allowing our customer to know the vulnerabilities that could affect theirs products used on a daily basis.
Each customer recieves in a fast and personalized way as many alerts as flaws detected for monitoried products. For more complex systems, we have developed a complete API system that enables to customize and adapt this service to your needs.
Each alert is provided with all information needed and patches (if any) and countermeasures, all withing our 24/7 active service.
Historical report for every customer, where vulnerabilities affecting your system may be checked, allowing queries based on any alert characteristic .
The web interface, allows the administrator of your company to catalog vulnerabilities ,so that they can be informed about patched flaws, pending actions, etc.
It is all built-in in our CSIRT services panel , where executive statistics are available.
Antifraud joins Antiphishing, Antitrojan and Forensic analysis services. Antifraud is run by a 24/7 technical team that will handle your incidents as soon as they occur.
Antifraud service enables to handle incidents in an easy way by means of the real-time monitoring. By handling incidents, we mean neutralizing threats (e.g. phishing, trojans, etc.).
This service is oriented to banks and online transaction companies . Hispasec has developed sensors dedicated to detect and analyze fraudulent copies of this websites.
Antiphishing serivice alerts you any time a fraudulent infraestructure is detected and starts taking down process with our 24/7 team. The target is to take down fraudulent websites .
Success is guaranteed. Besides, a deep analysis of the attacker profile is conducted, in order to alert legal forces are alerted who can shutdown the fraudulent copies of websites..
Every incident is documented in our CSIRT and is correlated in executive graphs.
This service is oriented to banks and online transaction companies . Entity is monitored in our systems. If our automatic detection system alerts us about a potential malware affecting your entity, it is deeply studied by our analysis team that reverse-engineer the sample.
Once a trojan affects the entity has been detected, we first alert the customer and then we take down the infrastructure used by the trojan (e.g. dropsites).
Studying the sample enables to know eventual countermeasures that might be implemented in your bank portal in order to prevent some trojan families attacks.
By studying your clients infected systems, we can have a better understanding of the attack vector it is based on. It enables us to know the injection, perpetuation, ciphering, hiding methods, etc. All those characteristics allows us to get the malware profile affecting your company , and improves the detection of another possible families. Aside, it may be possible to implement some countermeasures so that the threats may be mitigated . It also allows us to alert your clients about how to detect suspect behavior when using your banking systems.
Knowing, preventing, and neutralizing the threats (phishing, trojan, etc.) affecting your entity
Once spotted, they are documented, results are comunicated to the one responsible for them, and proactive reinforcement measures are adopted. Always following a sequential process that allows to improve the system security by learning from the previous attacks.
Auditing your systems allows you to know what is the exact situation of your information assets, regarding proteccion, control and security measures. Auditing your systems is like a complete radiography of your systems security situation.
Auditing services meet 7 phases:
Auditing services may be:
Be aware of the vulnerabilities in your systems and get a technical report with a solution to your problems
Udyat is a powerful content crawler developed by Hispasec that registers every mention of your brand on the Internet.
It can index in real time most important services online: (Google, Twitter, Facebook, LinkedIn, Blogger...) enabling to generate personal alerts.
You will be able to handle your corporate image and foresee propagation of any mention online.
UDYAT is a powerful lexic classifier able to detect contents that may affect your company's image .
Since automatic detectection may lead to false positives or incorrect classifcations, the suspect content is revised by our analysts that validates and checks its categorization.
This treatment results in a structured lists ordered by categories that may be completed by your own choices.
Besides notifications, a graphical report is provided which includes charts that can be reused further in a presentation for instance.
It includes graphs and tables about:
Alerts may be checked in real time with our HTTP based API. This allows to replicate notification data base so it is integrated within other products, services or security aggregation portals .
Because of the HTTP based interface, it may be integrated with any program language.
Hispasec was founded at the end of 1988 with the launching of "una-al-día" ("One-Per-Day") which is considered to be the first daily service of technical information about IT security in Spanish language. It was created by a group of specialists with the aim of divulgation of the necessity of IT security for users of new information technologies.
The success obtained by "One-Per-Day" and the rest of public actions implemented by Hispasec (i.e. analysis, comparatives, new developments, etc.) originated in a practically spontaneous way a demand of service by professionals and companies.
Our lab, Hispasec Sistemas, was created in year 2000 in order to attend this demand. Hispasec Sistemas is an organization of a strong technical character, is based on 100% own capital with no participation of other companies and is managed by the very founders and owners of Hispasec.
Keeping track of the original path, the new direction adopted by Hispasec Sistemas makes possible to maintain and reinforce the public and free services given to the community but also to attend the increasing demand of professionals and companies.
Security, our reason for being
Hispasec was born due to and for Information Technology Security. From its very start it has specialized itself in the different areas of IT security.The company concentrates its investments for a dynamic growth according to criteria of purely technical nature and considering its team and their knowledge as its main strength.
Different points of view but one single aim< />
A multidisciplinary team of specialists in the main technological platforms and security areas allows to approach our projects with different complementary perspectives in order to find the best suitable solution according to the profile and requirements of our clients.
Laboratory acting with independence of third-party companies and/or products
Hispasec does not distribute third-party product nor has economic interests related to them, thus, our independent status has been crucial in guaranteeing the necessary objectivity and rigor in undertaking the study, analysis, and assessment of the security solutions to be adopted by our clients.
Professional consulting and know-how transfer
Hispasec is proud to work in closest contact with its clients proposing them customized services and dedicating a special attention to offering critical (in)formation. Permanent contact tools are at disposal of our clients enabling regular updates and the active participation of the clients in the constant process of security maintenance.