About Solutions Blog Resources Contact

Personalised security solutions
for your bussiness needs

We offer you different packages and levels of cyber security.
The core of each package is our innovative, all-in-one VulPen Engine.

VulPen Engine is our innovative and all-in-one infrastructure vulnerability scanner and penetration testing solution. VulPen Engine is unique, because it effectively combines penetration testing and infrastructure vulnerability scanning in a fully automated process allowing it to run 24/7/365.

Through VulPen Engine, we replicate the process of a real threat actor or hacker and take the outside in approach. We do not require login details, internal agents or any other type of initial network access for our solution to work. We also aim to achieve consistency by planting reverse shell triggers and/or backdoors as part of our network enumeration.

VulPen Engine scans your domain automatically and continuously.
Once VulPen Engine finds vulnerabilities it will take two actions.

I.It will, within minutes, automatically notify you of the most critical vulnerability found through email. This email contains CVE number, description and fix.

II.It will actively exploit the vulnerability and progress in penetrating your IT infrastructure.

VulPen Engine also has built in toolsets to create firewall bypasses. Firewalls are an essential corner stone of cyber security. They can keep amateur hackers out, but professionals often are able to get around them. That’s why we have built into our solution tools to bypass firewalls, keeping up with the skills and tools that threat actors develop for their criminal purposes.

Our cyber security packages

Services
Starter
Enhanced
Ultimate
Description
Basic and solid preventative cyber security solutions
Extra security through pro-active Darkweb scanning
Reduce the chance of successful cyber attacks by up to 95%
VulPen Engine
IT supply chain attacks
Fortnightly reporting
Business Review
Quarterly
Monthly
Dark Web scanning for compromised company accounts
Pro-active anti-phishing solution
Social engineering attacks
Dedicated Account Manager
2 hours consulting time per month

What are supply chain attacks?

Our VulPen Engine is developed to attack your IT infrastructure using the vulnerabilities it finds. It will start with the most critical vulnerabilities first. In case VulPen Engine cannot use any vulnerabilities in your IT infrastructure, it will focus its attention to your IT supply chain. For example, it will attack the infrastructure of your IT solution providers, i.e. your domain host, in order to attempt forced entry to your IT infrastructure.

Dark Web scanning for compromised company accounts

Despite all the tech available within cyber security, the weakest link unfortunately remain your employees. Whether it be opening phishing emails or texts or poor password hygiene, human weakness is often used and exploited by threat actors to install malware on your IT infrastructure.

That is why we developed a solution which scans the Dark Web searching for any compromised company accounts, like email addresses and passwords of your employees. If we find any, this will be immediately reported to you for actioning and closing the vulnerability.

Our Darkweb scan also searches for any other company information on your business that could create vulnerabilities and increase the risk of a cyber attack.

Pro-active anti-phishing solution

Our solution pro-actively scans the Dark Web to detect the creation of malicious domains set up to create a phishing attack. We'll explain how we do this.

We have developed a solution based on the Certstream intelligence feed (https://certstream.calidog.io/). Certstream's intelligence feed essentially tells the world each time a new ssl certificate/encryption key is created.

We take this information, process it and check the domain name against predetermined rules. These rules include aspects that can signal malicious intent. Examples are: deliberately confusing names, deeply nested subdomains like: paypal.com.accountupdate.internet.security rather than paypal.com or using lookalike characters such as uppercase O instead of 0 (zero).

The solution then associates a level of 'suspiciousness' to each certificate and when it hits a predetermined number, we start our process of enriching our knowledge about this certificate. We gather information on who owns it, what legal form is behind it, what's the current physical or server architecture behind it and whether it can be traced to known threat actors or groups.

SUBSCRIBE TO OUR
NEWSLETTER

Hackurity.io
Blaak 520
3011TA Rotterdam
The Netherlands

A map marker icon.
The logo of Hackurity.io featuring cyan colored text with a camera in front of it.
© 2022 hackurity.io All Rights Reserved.