Our Audit Services

Because your company lives in a constantly changing environment, Intervalle Technologies provides you with auditors with solid experience acquired through numerous missions on behalf of organisations in different sectors, qualifications and references in carrying out organisational and technical audits, configuration audits, architecture audits, penetration tests, source code audits, audits of payment platforms, SWIFT platforms, mobile phones, ATMs, SCADA systems, and audits of compliance with international standards and reference systems

Organisational audit - GRC

Audit of governance and decision-making models, including review of the information system security organisation, security policies, risk analysis reviews, audit of business continuity and recovery plans and compliance audits

Our organisational audit services focus on governance, risk analysis, business continuity planning and policies and procedures.

Compliance audits focus on ISO 27001, PCI-DSS, CSP SWIFT, SOX, SOC 2 SOC 3 and RGPD.

PENTEST Intrusion Audit

With the digitalisation of companies and the opening of their systems to the outside world by necessity in order to respond to the changing needs of their customers, systems are more exposed and therefore more vulnerable to various attacks with consequences that can lead to the total shutdown of the activity.

Mobile application audit

Like web applications, mobile applications are increasingly targeted by attackers.

An Android and iOS mobile application audit is divided into two phases:

First, we launch the static analysis during which we proceed to a reverse engineering phase in order to understand the application’s code and study its interactions with the system.

Then, we launch the dynamic analysis which consists in exploiting the vulnerabilities identified during the static analysis, but also in discovering new possible vulnerabilities.

Contact us to find out more >

Physical security audit & Data centre

The physical audit of data centres covers both HQ and DR sites and concerns compliance with EN 50600 “Facility and Infrastructure Design".

The verification of the levels of risk and security of people and property in order to bring your data centre facilities into compliance.

Contact us to find out more >

Code audit

In the enterprise, IT project teams often focus on solving business problems. Solutions are put into production and exploited with flaws and security breaches that can compromise the entire business. Intervalle Technologies analyses your source code in depth by trained and certified engineers

Our methodology is based on manual analysis of the most critical elements of the code involving user interaction, followed by automatic analysis of the entire code.

We take into account the following elements: code injection, session management/authentication, unsafe direct references to an object, security configuration, cryptographic storage.

Contact us to find out more >

Performance audit

The performance audit allows you to evaluate the sizing of the information system in terms of processing capacity and information volume through stress testing and load scaling.

This audit aims to carry out a global diagnosis of your IT infrastructure: Network (LAN, WAN), servers (OS, Middleware, DBMS, Virtualisation), Storage (SAN, NAS, Backup), load scaling on the most critical applications to ensure that the information system provides response times in line with users expectations, particularly during peak periods

Contact us to find out more >

Information Systems Security Audit (ISS)

Are your information systems compliant with international standards?

Intervalle Technologies offers its clients its “Information System Security Audit" service.

The Information System Security Audit assesses the level of control in place to ensure the confidentiality, integrity and availability of the organisation's data. The review includes an assessment of the components of the information system in relation to the level of protection in place and allows the organisation to check its surface exposure to threats.

Web application audit

Before any web application is put into production on an intranet or extranet, a web security audit is required to protect against possible computer attacks aimed at the company's brand image and the usurpation of its customers' data.

With this in mind, Intervalle Technologies offers its “Web Application Audit" service in accordance with the recommendations of the Open Web Application Security Project (OWASP TOP10), a free community specialising in web application audits.

Our application audit methodology includes the search for flaws in the design and/or development of the application in question.

PKI infrastructure audit

The PKI Infrastructure Audit includes the review of the PKI platform’s configurations and components, ensuring the compliance of the installed systems with the security standards of the manufacturers and editors.

Contact us to find out more >

ERP / Application Audit

Application security review in accordance with ISACA COBIT, NIST, PCI and the Open Web Application Security Project (OWASP TOP10) community of web application auditors.

Contact us to find out more >

Social Engineering

Social engineering is the art of manipulating people into disclosing confidential information. It is well known that the weakest link in the security chain is the human. Criminals try to gain a person’s trust in order to extract password information and access to their computer.

This type of audit involves advanced techniques mastered by Intervalle Technologies’ teams, using various attack vectors.

Contact us to find out more >

Digital investigation and evidence management

Is your company the victim of an attack, incident, fraud or regulatory investigation?

These incidents disrupt your company’s day-to-day business and, if not properly managed, can have significant negative consequences on your company’s reputation and cash flow.

Intervalle Technologies offers a digital investigation expert service to help you fight the consequences of an attack by allowing you to investigate a computer crime or fraud.

We offer services that allow the identification and recovery of the material found on all digital devices (servers, computers, laptops, mobile phones or other storage media).

These services include the identification, recovery, investigation, validation and presentation of facts related to digital evidence hidden or intentionally removed from these devices. This is typically used to create and strengthen civil or criminal cases or to help better understand a cyber-attack or internal incident that has occurred.

Contact us to find out more >

They trusted us

Questions ? Don’t hesitate to contact us