Experienced Information Security company from Cluj-Napoca that offers straightforward and to-the-point penetration testing for national and international companies/corporations.Services:Offensive/ Red-team penetration testing (Simulation of offensive real-world attacks)Cyber Security consultancyIT Security Audit (Sec policies,controls, etc)Forensics (Fraud/phishing attempts, data breaches, private investigations)PCI DSS audits (Web, Mobile, Infrastructure, policies)Security Awareness training (Management/Operation)Sectors: - The sector of activity doesn't matter if IT equipment/technology is involved. The company has been involved in all activity sectors (medical, financial, bank, energy, industrial,technology etc.)https://ctdefense.comhttps://webpentesting.comPhone number: (+40) 755 172 818e-Mail address: daniel.ciobanu@ctdefense.com

Delivery of IT Cyber Security Services:- Red Team engagements - Penetration Testing engagements - Dark web monitoring solutions- Forensics, Investigations, and Incident Response- IoT assessment (inc. embedded devices ATM/ITM, STBs, Smart CAR controllers) - Dark Web Cyber Intelligence- Cyber Security Trainings- Cloud assessments ( AWS, Google, O365) - CBEST/STAR engagements - PCI DSS compliance - Stress testing simulations- MPLS security audits

DIH4S Digital Innovation HubSmart, Safe, and Sustainable SocietyFocusing on AI and Robotics to support smarter, safer, and moresustainable organizations, communities, cities, and territories

Executing very interesting projects at an incredible rate, in a multicultural environment. Also contributing to our internal hacking methodology and supporting documentation. Providing training and presentations on various technical topics, conducting scoping, reviewing new tools are also parts I play in my current role. Helping in developing following services:▪ External / Internal network penetration testing / vulnerability assessment▪ Mobile application security testing▪ Advanced web application pentesting▪ Social engineering▪ Secure architectural review▪ Code review

Penetration testing of web and mobile applications- Conduct risk assessments for applications, 3rd party service providers and other information security business drivers.- Knowledge in web, mobile and thick-client application vulnerability assessment / manual penetration testing- Responsible with write a vulnerability assessment report - Responsible with take on an application vulnerability assessment from planning, testing to results discussion.- Ability to handle multiple projects simultaneously within established time constraints- Security Architecture Review- Using various procedures like: SQL Injection, XSS, CSRF, break authentication, sniffing and intercepting, parameter tempering.- Commonly used tools, but not limited to: Burp Suite, Charles Proxy, Zaproxy, Mallory Proxy, IdaPro, Metasploit, NeXpose, Nessus, Drozer, MobSF, NmapImplementing security tests within Software Development Life Cycle- Automated security testing using BDD-Security framework

• Web Application Penetration Testing• Web Services Penetration Testing• Network Vulnerability Assessment and Penetration Testing (Internal and External)• Submission of technical reports and proposal of remedial measures for security team and stakeholders• Consultancy within various business units and communications with Senior Business Management.• Social Engineering Assessment• Vulnerability Assessment in Android applications(financial and payment, subscriber-based applications)• Vulnerability Assessment in iOS applications (financial, healthcare, video streaming, gaming)• Penetration Testing on IPTV technology (for ISP provider - subscriber based )• Live streaming and Video on Demand (VOD) - Security and Threat Detection• Training new team members in Penetration testing and Vulnerability Assessment• Implementing Application Security policies and procedures