We introduce improvements in the service we provide to our clients, particularly in the monitoring service, with the use of MrLooquer technology, and we reinforce the security of the system for sharing documentation.
LEET Security's cybersecurity rating methodology is developed cyclically, with annual audits being the fundamental means of granting the rating, but not the only one. As described in the rating guide, the services are subject to monitoring throughout its validity.
One of the components of this continuous monitoring consists of the digital supervision of the entity, which has been carried out by reviewing "pastebines" type forums. To have a better perspective on this aspect, we have signed an agreement with the Dualogy company, for the use of its MrLooquer tool, which allows us to monitor the footprint of our clients on the Internet and to know, in an unattended and automatic way, their level of security in their exposure to attacks from the network.
With these checks, non-intrusive and without any risk to the customer, MrLooquer performs a first-rate diagnosis to detect problems that can be overlooked due to the difficulty of performing detailed analysis every day on all exposed assets.
At LEET Security we use this monitoring tool as an indicator that provides our rating service with greater additional value, since we will periodically share with our clients the result obtained through this process, who, temporarily, is given access to the tool to contrast the results offered.
We are sure that this additional information, included within our services at no additional cost, will be of great interest and help to protect the information systems of our clients.
Secure channel for information sharing
As part of the qualification process, we request from our clients the contribution of different types of documentation that in many occasions is of a sensitive nature. The interim and final reports provided after evaluations are also confidential.
To facilitate the secure exchange of information, we have put into operation a new mechanism through a platform that has high security standards: data transport is done with the S3 protocol, over a 256-bit SSL connection (TLS v1 .2), being stored encrypted with CBC-AES-256.
The provision of documentation by our customers will be made by uploading it to an address, which will be provided through a single link, and which will only allow loading, without any other type of access.
On the other hand, LEET Security will send reports and other confidential information, through these same types of single-use links, for the client to download the corresponding document.
Suscribe to our newsletter here
You can follow us on twitter.com/leet_security