Summary of the "Workshop - security of information systems".

We finished in early July series of workshops introducing our clients to IT security issues. There were four meetings devoted to the following topics:

• Penetration tests (reconnaissance, scanning, enumeration, metasploit, password cracking, wifi analysis),
• Social engineering tests (backdoors, delivering malware, avoiding detection by antiviruses),
• Web application tests (password cracking, SQL injecting, BurpSuite scanning),
• Risk analysis and protection of personal data in the context of GDPR.

In total, about 40 people visited us during the workshops. More people were interested, but due to the capacity of our conference room, we could not register all of them

Our experience gained so far during security audits and system tests shows that the security solutions used in enterprises do not correspond to rapidly changing threats, and one of the most effective and, at the same time, the most neglected security measures for IT systems is training and a continuous process of improving employee competences. It should be noted that training should be periodic and be oriented towards updating knowledge in line with emerging threats.

I am pleased to inform you that our autumn safety workshop proposals for you are very interesting. You will of course be informed about the dates. The topics presented include new generation firewalls operating on the application layer, protection of workstations with the use of behavioral analysis, issues of backup as a service and outsourcing of services related to security.

Using the links below, you can read the materials from our workshops:

• Ethical hacker workshop,
• GDPR workshops - risk analysis,
• assets - risk analysis.

We would like to thank all participants for their time and feel free to contact us.