Home

was founded in 1995 as an independent supplier of IT-security related expertise and services. ITsec's reputation primarily comes forth from security-assessments and pen tests carried out on behalf of banking- and insurance industry, governmental organisations and some major telecom- and professional service organisations. In almost all situations the objective of assessments carried out by ITsec is to determine whether an Internet-based IT-service or application is sufficiently cybercrime-/hacker-proof.

ITsec staff can best be described as ethical hackers. They combine the skills of a hacker with the accuracy of your accountant and the integrity of your notary. Quality and reproducibility form the basis of all of our work. Most ITsec employees are recruited at local Institutes of Technology and subsequently trained in various IT security domains by ourselves. ITsec can rely on a long standing relation with Technical Institutes in Alkmaar, Haarlem and Amsterdam, where ITsec participates in IT security-related parts of the curriculum. Promising students are timely scouted and approached for graduation projects within our company.

was developed in 1998 with a major Dutch bank as launching customer. Subscribers to EVAS are constantly informed by our Haarlem-based Security Operations Centre on newly emerged security threats relevant to their specific IT- infrastructure. For this purpose, staff at our SOC constantly gathers information from several dozens of different sources, separates information from junk and uses the first to generate first-class alerts containing not only the vulnerability but in most cases also recommendations on how to respond to it.

is another well-known ITsec service. AVMS, developed early 2001 in cooperation with another major Dutch bank, is an Internet-based vulnerability scanning service. Subscribers to AVMS are periodically informed on the security status of their Internet-facing services through reliable and concise reports containing not only an oversight on potential vulnerabilities, but also recommendations on how to mitigate reported risks. AVMS, like EVAS, is backed-up by a professional helpdesk at our SOC, available for ad-hoc support in the follow-up of vulnerabilities.

as an addition to monitoring the security status of Internet-facing services the open source based tooling used for AVMS can also be deployed within the boundaries of the internal network(s) of a customer. In such a situation hard- and software, known as Artemis, are deployed as black box appliances. In most cases the Artemis appliances are operated by customer's staff trained to this purpose. Hard- and software support of Artemis is always being taken care of by ITsec under the terms of an SLA.