For many years Microsoft Active Directory (AD) has been one of the core services in most enterprise IT environments. But do you know if you are up to date with the latest recommendations? AD is not a set-and-forget service, it requires TLC and we help you identify and prioritize the actions needed.Download Service Overview
A Range of Solutions That Strengthen Your Cybersecurity Posture
We provide you with the services you need to successfully build a secure and sustainable IT environment, prevent cyber breaches, and stay strong in case of an incident. Based on real-world empirical insight gained from managing incidents daily, we have developed the solutions you need to stay ahead of threat actors and ensure the best possible security for your organization.
Highlighted Service Areas
Highlighted All Services
The concept of putting our most valuable things in the most protected place isn’t new. It’s been around pretty much since we got... well, things. That continues with AD Tiering Implementation by Truesec.Download Service Overview
We have implemented this in countless Active Directories without impacting the business. And usually, this is done in a few days.
Develop secure apps and systems on the fly with our agile approach to penetration testing. Don't wait for a detailed report to take action - our team adds test findings directly to your own issue tracker, drastically improving lead-time to resolve vulnerabilities.Download Service Overview
Need someone right away to plan, coordinate, and champion security initiatives? Embed a bridge to Truesec into your team to drive secure development awareness and bolster organizational skills.
Is your Azure Active Directory set up with default settings? Azure AD has become an attack vector which is being used in many of incidents to gain persistence in an environment. This is an technical analysis and security assessment in one to give you a full report with actionable next steps to better your security, and mitigate those default settings (and misconfigurations).Donwload Service Overview
Make use of our world-renowned experts! We tailor our guidance and work to your needs: from strategic assessments, workshops, training, and coaching, to providing you with skilled architects, acting CISO, and access to a broad range of specialists in cybersecurity.
Our focus is on creating security policies that are actually used, and actually work. Our CGHC performs a holistic, in-depth vetting of your existing policies and guidelines - and gives you the actionable adjustments needed for effective cybersecurity management.
Download Service Overview
CSHA is a powerful way to assess and create a roadmap for increasing your security resilience level. Based on the NIST framework and executed through a two-day guided workshop, our CSHA is delivered together with high-level insights and powerful executive reports.
Download Service Overview
When disaster strikes and every second counts - stay calm and call us. Our experienced Incident Response team (CSIRT) is here to get your business secured and back up running as fast as possible.
Every incident is handled by a team of experts in forensics, advanced infrastructure, and incident management working together to get you safely through with minimal impact.
Can your current development, launch, and maintenance processes produce secure software? We work with you to assess and upskill your secure development methodology, giving you the tools you need for safe DevOps that run smoothly.
Suspect a breach, or need a cyber forensics expert? Our forensics specialists perform evidence gathering, information extraction, and software analysis to get to the bottom of what has occurred - or how a particular piece of malware really works.
Put an end to: "I can't work without being a Local Administrator". By using LAPS Web UI together with Microsoft LAPS we fix this issue by setting a unique complex password for all local administrator accounts. LAPS Web UI provides an easy and secure way for end users to request the LAPS password for their own machine anytime they need to perform administrative actions.Download Service Overview
When disaster strikes the incident needs fixing. One of many workstreams is the legal perspective.Download Service Overview
Our experienced team helps you with legal (e.g. GDPR) and contractual obligations.
Don't ignore the legal aspect. Instead make sure that you have a legal expert in your corner who can advise you on what steps to take, when and how.
"Hacking the mainframe": entertaining in movies, devastating in real life. We work to determine security vulnerabilities in your mainframe computers, including actionable steps for improvement.
Do you want to take control over Office 365 security to better protect against phishing and spearphishing attacks? We perform a full check-up to identify vulnerabilities and give you a full report with actionable next steps to better security.
How vulnerable is your organization to a phishing attack? We assess and summarize your current level of risk, including how likely a breach is to succeed and whether your current resilience is enough to handle it.
Refuse to be a victim! Test your resilience against ransomware scenarios. We perform a battery of interviews and a full attack simulation, all based on the current tools and tactics of ransomware groups, to provide you with a thorough report along with recommendations you can act on.
What you see is what you get - world class experts creating custom security training for your needs: cybersecurity, secure embedded and distributed systems, secure software architecture… We are passionate about taking you to the next level, and happy to help identify your particular needs.
The objective of a security vetting interview is to assess whether a person can be assumed to be reliable from a security perspective, loyal to interests that need to be protected, and to identify possible vulnerabilities that could potentially be exploited to gain access to sensitive information or operations.Download Service Overview
The human element is often our weakest link - but it can be strengthened. We perform this assessment and learning process through recurring tests where we "strike" whenever we see an opportunity, just like a real attacker would do - including using sneaky social tactics to make your users click on links, or give us access to your premises. Regular reports provide you with tangible insight into how your awareness and response changes over time.
Shift your application security from reactive to proactive mode with us. We are one of the few actors in cybersecurity to harness the power of development expertise: this makes us very, very good at helping you implement the controls that actually matter. A fully customizable umbrella service, our SSI integrates with your team to continuously provide secure development support based on actual needs and risk - ensuring you prioritize relevant measures to increase cost efficiency.Download service overview
Get deep insight and thorough reports on your readiness with our complete cybersecurity assessment - based on ISO 27001, CIS, and NIST frameworks. Several days of guided workshops are included to ensure you receive the full value of this investment.
Identify your strong and weak spots to reduce your attack surface through this EU-codified process for Red Teaming, designed for (supra)national authorities and entities in critical sectors such as finance.
In what ways could your software be attacked, compromised, or abused? Join us in a collaborative exercise to discover, document, and understand all potential threats. Think of our threat modeling exercise as "pentesting for software" with a significant learning component.
A customer-specific overview of the threat landscape and how it impacts your industry. The report is aimed at slightly larger organizations that are about to begin the process of improving their cybersecurity capabilities. The report provides an in-depth understanding of the real-world threats to your organization and a general overview of how your current cybersecurity posture measures against these threats.Download Service Overview
Can you virtualize knowledge? No, but you can get knowledge about virtualization!Download Service Overview
With the VMware Environment Security Review from Truesec, you’ll get access to the leading experts in securing and managing a VMware environment. These experts address these complexities and educate both your management and your operations, and you’ll gain insight into the current security and health status of your VMware installation.
This to make sure you have the information you require to identify and prioritize the actions needed to elevate your cybersecurity resilience.
Talk to Us!
Interested to see how we might help you through our services? Just have a question? We’re here and look forward to getting in contact with you.
In the spotlight
Our experienced Cybersecurity Incident Response Team, CSIRT, stands ready to get your business operational again as quickly, and securely, as possible.Learn more
In the spotlight
Application and software security
Use Truesec's professional team to make the right decisions in your projects with assessments, coaching, or by us designing and developing required features fully.Learn more