Our Services
Our goal is to detect and prevent attacks to your company or business data.
Governance, Risk and Compliance
CyberXperts offers consulting in the Information Security Strategy, Information and Cyber Security Programs, Information Security Management Systems, Policies, Standards and Guidelines. We aid organizations to ensure IT risks are identified, assessed, evaluated and corresponding controls are implemented to reduce the risk impacts or likelihood and compliance with regulatory and statutory requirements like POPI, GDPR and PCI DSS.
Security Program Management
We provide consultancy in the provision and implementation of Cyber Security Frameworks according to international standards like NIST, ISO27001, COBIT and any other framework. Creating a security program around intelligence on threats and also business risks will support resilience in a constantly shifting landscape of risk; however, few companies today have the appropriate skills and resources in-house to effectively secure their information assets and at the same time optimize business performance.
We have expertise in the implementation of the NIST Cybersecurity Framework, ISO/IEC 27001 Information Security Management System, CIS Critical Security Controls and COBIT 2019.
Vulnerability Assessment and Penetration Testing
CyberXperts offers full cycle vulnerability management solutions to enable our client to have a full insight into potential threats. We aid our customers in identifying, assessing and remediating vulnerabilities. We also assist in applying remedial actions from audits reports.
We perform attack and penetration testing engagements to verify and test the existence of vulnerability. Our engagements include white box, gray box and black box security testing. We work with the red teams to patch potential loopholes that can be exploited.
IT Audit and Security Assessment
We perform IT Audits and Security Assessments to provide organizations with their current security posture. Integral to any Information Security Management System (ISMS) is the process of “assessing” the control environment to understand where control gaps may be leaving the organization at unacceptable risk.
We also perform Application security assessments that include code review using SAST and DAST tools. We perform infrastructure assessments on Networks and Systems using various commercial and open source tools. Our assessments also include Database systems in line with international standards e.g CIS Critical Security Controls.
Training and Awareness
CyberXperts provides information and cyber security training targeting various areas and individuals. We offer training for individuals preparing for security certifications like CISA, CISM, CRISC, CGEIT, COBIT, ISO27001, CISSP, CEH, OSCP, LPT, CCISO.
Our training also targets corporate individuals (executives, management, IT) who would like to gain a better understanding of cyber security or enhance and refresh their skills. Our courses include: Introduction to Cyber Security, Is Cyber Security an IT issue?, Vulnerability Assessment and Pen Testing, Application Security for Development teams, Cyber Security Governance, Security Operations Centre (SOC) Management.
We also offer information and cyber security awareness programs to organization that are custom built to the environment. Our awareness programs cover email phishing, safe internet habits, backups, social engineering, clean desk policy, social media, malware and password management.
vCISO
Our Virtual CISO (vCISO) is a service designed to make top-tier security analysts available to your organization for security expertise and guidance. The vCISO can bring both strategic and operational leadership on security to organizations that can’t afford a full-time person in the role.
Our dedicated team of experts has decades of experience building information security programs that meet your business objectives and show measurable improvements to your security posture.