Services

1. Penetration Tests

DACY Solutions shows you the practical and realistic ways in which hackers penetrate companies’ IT infrastructure. We assume the role of a hacker and attempt to penetrate your company’s IT systems in a targeted, customized manner using the same methods and means that attackers would use.

This way we identify potential vulnerabilities and points of attack at an early stage so that you can correct them before they can be exploited by an attacker. A penetration report is delivered with the results of penetration tests

2. Security Scans

IT systems shall be scanned on a regular basis in order to be prepared if new attack scenarios occur.

Our security scans use standardised, internationally recognised scanning procedures to check your internal and external IT systems (such as web servers, mail servers, file servers) for several thousands of vulnerabilities.

Scans can be performed externally over the internet (external system security scans) or as optional internal scans via a VPN tunnel (internal system security scans).

3.  Digital Forensics

Digital forensics is often used as a law enforcement tool and is applied in the context of IT incident response to provide valuable and actionable evidence of incidents or attacks against an information ecosystem, with the goal of providing sufficient evidence on the causes behind an incident.

We analyze security-related events and cyber threats, develop risk-minimising measures and coordinate their implementation. We create coordinated immediate measures as well as appropriate permanent recommendations for action that counter security risks.

​

4. Incident Management

DACY Solutions conducts forensic collection and analysis of all supported devices, including but not limited to Linux, Windows, and Apple workstations, servers, as well as IOS and Android mobile devices, both online and offline, in support of their Incident Response process.

​If there is a suspicion of misuse, we will support you with offline or live forensics, host-based or network-based forensic examinations, and Malware reverse engineering on security incidents to determine the root cause and reconstruct a timeline of events to facilitate incident response and recovery.

5. Audits

Regular security audits in the areas of organization, technology and awareness are critical for businesses. With our security audits, we support companies in bringing transparency to the security level of their organization and proving their compliance within the scope of its intended application and certification.

A product audit allows to verify the intended design and implementation security. DACY Solutions investigates the product and verify its flawless behavior of the product under hostile conditions.

6. Cloud Security Audits

When managing sensitive and vulnerable information and operating services in cloud environments, it is important to have a valid overview of the IT security level of your cloud environment. A cloud security breach can be costly as it could result in significant financial losses.

DACY Solutions identifies the cloud providers and services being used, ensures strong authentication and authorization controls are in place, keeps your cloud environment up to date with the latest security patches and updates, inspects security controls placed by an organization to protect its data in the cloud.

7. Security Governance

DACY Solutions implements a comprehensive and consistent security governance and compliance strategy across the organization to protect and manage its technology and data related information security risks. We establish end to end security governance to ensure effective internal controls are implemented to achieve data privacy, security, reliability and resilience that meets compliance and local regulatory requirements.

8. Audits according to external norms

DACY Solutions conducts a cybersecurity check based on:

• internationally recognized standards of information security (ISO/IEC 27001:2015, ISO/IEC 27001:2017, BSI IT-Grundschutz, PCI DSS, NIST Cyber Security Framework), the recommendations of ISACA, ISC, ISF and the German Federal Office for Information Security.
• internationally recognized standards for medical devices (IEC 60601-4-5, IEC 62304-1, IEC 82304-1)
• internationally recognized standards for Industrielle Automatisierungssysteme (IEC 62443, IEC 15408)

9. Blockchain Security

Blockchains depend on immense data transfers performed in real-time. Resourceful hackers can intercept the data on its way to ISPs (Internet Service Providers). However, even these systems are not immune to cyberattacks and there are individual points of attack through which hackers can cause immense damage.

10. Hacking illustrations

It is a critical success factor to raise security awareness of your own employees. DACY Solutions supports Companies by demonstrating some attacks’ scenarios (Google Hacking, Credit cards SQL Injection, WLAN hack, Phishing, SMS Spoofing).

​We establish and maintain information risk metrics to highlight information assets that have the highest risk exposure. We conduct regular review of remediation actions and reporting to business and technology senior management.

1. Regression Tests

DACY Solutions supports you in the planning, design, implementation and execution of regression tests according to your individual requirements and project size. Starting with the definition of features through to the output check of the individual test cases. We also advise you on the strategic selection of necessary test cases, so that the cost and benefit of such a test are in an optimal ratio.

2. System Tests

System tests shall be as realistic as possible and simulate realistic operation of the software. In order to ensure a systematic approach to selection and risk analysis, we are happy to provide you with the correct prioritization, categorization and implementation of the various test cases.

3.  Performance, Last Tests

DACY Solutions supports you in identifying weaknesses of your system. Depending on the requirement profile, the test can check the system for different scenarios and, if necessary, provide decisive data on scalability and/or stability, and/or performance improvement.

Our performance testing is incorporated throughout a system’s development, roll-out, and ongoing maintenance. In so doing, you avoid overlooked errors, unsatisfied customers, the high cost of poor quality.

​

4. Test automation

Test automation not only ensures greater software stability, but also reduces costs through lower repetition rates. This accelerates releases while increasing testing coverage and finding more defects before production.

DACY Solutions carries out automated test cases after each version change and ensure that your project covers a broader range of test cases.

5. User Acceptance Tests

DACY Solutions supports you even before the start of user acceptance testing. Together with you, we define the acceptance criteria for the software, with the goal to meet your customers‘ needs. In a next step, we create corresponding User Acceptance test scenarios, which contain individual test steps, application conditions and expected results. In the UAT implementation, we attach great importance to the involvement of business users, so that scenarios that are not part of the functional scope are covered. Following this, we support you in the evaluation of the individual tested scenarios and in the elimination of errors.

6. Test Management

How can we ensure a good software quality, while avoiding subsequent issues such as a lack of software testing know-how, a lack of resources and a deadline pressure?

DACY Solutions prioritizes and coordinates all activities in the entire test process. To do this, we cluster test processes into individual sub-processes such as test planning and test standardization, test design through to test execution and the completion of all test activities. We guarantee our customers permanent transparency about the status of the test activities.

7. Release Management

For the successful implementation of the release management process, it is important that all project teams follow the same guidelines and principles. This ensures that the process is carried out safely and efficiently.

Step 1: Planning the release

• Define release strategy
• Planning of resources, budget
• Kick-off including a risk assessment and coordination of dependencies

Step 2: Execution of the release

• Communication of the release status to stakeholders
• Control of error elimination by project teams
• Definition of the escalation process and appointment of an escalation manager to control the escalations.

Step 3: Review of the release

• Carrying out the review with stakeholders
• Logging and reworking of all open points
• Monitoring of all reworked points