Fenrisk is a security company specialized in offensive assessments (penetration tests, large scale engagements), security audits and trainings. It helps you secure your assets. Fenrisk strives to issue impactful security assessments.
We believe in the power of demonstration when it comes to vulnerabilities.
What we do
We commit our expertise to meet your business needs.
Penetration tests
Fenrisk helps you securing your applications by putting its expertise to your service. Penetration tests aim to identify vulnerabilities in your systems by using the same techniques an attacker would. For each vulnerability identified, Fenrisk proposes a suitable remediation that takes into account your context and technical contraints.
Examples of carried out assessments
- Web site or application
- Mobile applications
- Corporate network
- Industrial information system
- IoT device
Large scale assessments
Take back the control on your external perimeter. Fenrisk performs large scale penetration tests by starting with a phase of reconnaissance. It helps you to draw up an inventory of the visible parts of your perimeter. In a second part, we focus on finding critical paths that could lead an attacker to breach into sensitive assets or even reach your internal network. In the same way as a regular penetration test, we provide you with all the mandatory information to test discovered vulnerabilities and we focus on finding the best technical remediation for your teams to implement.
3 phases
- Reconnaissance: Get the cartography of your exposed perimeter
- Security assessment: Full-scale penetration test, focusing on critical paths to your sensitive assets
- Reporting: We help you finding the best technical remediation
Security audit
When black or grey-box tests are not comprehensive enough, we also propose white-box assessments to get into details and unveil deep-rooted vulnerabilities. We work alongside you to identify the most sneaky ones hidden in your applications, systems and networks.
Examples of security audits
- Source code audit
- Corporate computer configuration audit
- Active Directory configuration audit
- Architecture review
- Network device configuration audit
Trainings
Because everybody has something to learn, Fenrisk is happy to share its expertise with your teams or with individuals. Both "classrooms" and virtual sessions are available for reservation in a limit of 10 students per session. Once the pandemic over, public sessions will take place during conferences. Feel free to contact us for details!
Our trainings
- Web penetration tests 101 Entry-level professional penetration test, mostly designed for professional retraining and students
- Web advanced exploitation Hands-on advanced vulnerabilities discovery and 1day exploits development course. This will help you finding your own vulnerabilities by understanding recent ones
About Us
Security through demonstration.
We believe in offensive security to help companies enhance their defense against real life threats. As such, Fenrisk focuses on keeping up with cutting-edge researches that allows our team to deliver great work that reflects the reality of today and tomorrow attackers. In the same spirit, Fenrisk also believes in sharing and innovating and that's why 30% of our time is dedicated to vulnerability research and offensive tools development.
Having understood the limits of the current approaches offered by most security companies, Fenrisk strives to issue meaningful security assessments. Our engagements go beyond an automated scans, with experienced security professionals at the commands to perform manual tests relevant for your targets.
