CQURE

What we do

CQURE is a provider of specialized services in IT infrastructure security, business applications, consulting and advisory services.

Our projects
Every project is discussed in detail with Clients. We believe that this is the only way to achieve full satisfaction in IT projects. Our key to success are: highly qualified team and good planning. We build the detailed project schedules, thus avoiding a delay.

CQURE offers the following services:

  • Security 360: Extensive IT security audit
  • Audit Re-Check: Short IT security audit after the extensive IT security checks
  • Edge/Web Pentest: Penetration tests of the edge or Web application
  • Internal Audit: Internal infrastructure IT Security Audit
  • Config Audit: Services configuration verification (internal / external)
  • IT Security Policy: IT security policy creation and verification
  • BCP: Business Continuity Plans creation and verification
  • Other: implementations and scripting/developing adjusted to needs
  • Acunetix software: We are Acunetix resellers
  • Penetration Tests

CQURE was formed in November 2008 in Poland and since that time we have expanded to Europe, Americas, Middle East and Asia. In 2013 we have opened a new office in New York and in 2014 in Dubai. Our services range from IT security audits, penetration tests and solution implementations, ending up with authored training. Right now in our team we have got 12 Team Members delivering security projects, including penetration tests and authored workshops.

Our Clients

Our Customers range from the global corporations to small companies. No matter where your organization lies on the Globe, we can work with you to make an infrastructure secure and efficient. Right now most of our Customers are from US and Europe and since 2013 we are providing big projects for governments in the Middle East.

For large and medium companies we usually offer the authorship training packs, intensive IT Security audits for the whole IT environment and solutions adjusted to their needs. (e.g. scripting, developing, implementations). We also offer constant cooperation as the consultancy company. For smaller companies we usually offer penetration test of the edge, authorship trainings related to specific functionality, consultancy and solution implementations.

Business Goals

The goal of every Penetration Test is to detect critical (with high priority for remediation actions) and non-critical vulnerabilities of the environment exposed to the Internet. All auditing actions are consulted with administrators to avoid the risk of affecting application availability. Technical report created at the end of project may be used as a knowledge base allowing to minimize the risks related to application.

Operation Goals include:

  1. Detecting vulnerabilities in the application exposed to the Internet.
  2. Providing a guidance related to best practices for configuration of services and for limiting possibilities of security compromising.
  3. Providing a guidance to organize administrative tasks and information security management process.

The basic rules that we follow when delivering Penetration Tests:

  1. Requestor will be immediately informed about high-risk (high impact and high probability) vulnerabilities.
  2. Some tests due to their intensive character may affect services availability. Detailed schedule for such tests will be presented to the Requestor and (where possible) performed during off-work hours (i.e. during a night).
  3. Proposed recommendations must follow rules used by Requestor.
  4. Proposed recommendations must provide expected level of information security.

Due professional care, independence and objectivism will be maintained during all project phases.

Read more about our Leadership