Talsion insider. A look into the company

Monday, July 21st, 2014

Pycharm and computer security

security-python

For us, Eclipse was one of the flagship tools from our developments in Python, because it remains fast and flexible and is uses multiple languages. However, the latest developments in the PyCharm Professional Edition solution have changed our perception of the ideal tool.

In fact, PyCharm was transformed by drastically increasing processing speed and natively integrating many bricks, facilitating the development of computer security tools in Python.

Therefore, the last version of PyCharm 3.4.1 is based on version integration under various protocols like Git or even the use of development help tools, especially those based on PEP8.

pycharm

One of the key features in our use of PyCharm features is “remote debugging,” which allows us to simply and transparently integrate development within the very different and exotic operating systems of our development platforms.

We also discovered that the tool’s learning curve was very fast for novice users in Python. Therefore, a junior engineer in computer security can master and customize the tool in less than a week, which is not the case for the majority of development environments.

In addition, PyCharm natively supports GAE, SqlAlchemy, Pyramid, Web2py, Cython, Wxpython, PyQt, and PyGTK. So it allows us to support ourselves during our Python code audits on intelligent bricks, facilitating the understanding of software and audited libraries during our computer security missions.

Sunday, June 22nd, 2014

Zero Cloud

delivery

The cloud is applicable to many companies, but not for Talsion Defense. We have chosen to not position ourselves within this dynamic. Thus, we are in charge of our own business architecture that is deployed in one of the Interxion company’s ISO 27001 datacenters and on servers that are inside the same walls as our business.

sécurité-cloud

Therefore, we have chosen to apply the following points:

  • 0% cloud technology,
  • 0% of customer data (Report, CDRom) archived outside our internal network,
  • 0% permanent connections between our network and our datacenters,
  • 0% link between our company’s internal network and the Internet,
  • 0% server virtualization outside pylabs (expected before the start of 2015).

This last point is a security challenge for our business that goes against the current technology virtualization that was ongoing with our previous MARS architecture.

To win this challenge, we chose to focus our efforts on ARM technology. This approach brings us extreme server density, while keeping part of the usual flexibility related to the world of virtualization. In addition, this focus enhances information system security and isolation of each application.

Thursday, May 15th, 2014

Talsion, the name of a star

delivery

We found out with pleasure that one of our consultant gave the name of our company to a star in a spatial conquest simulator: Galactic Civilization III, published by Stardock.

Galactic Civilization III is a new style of platform using API and security guidelines from the Steam solution. Steam provides a large amount of ready-to-use technologies to accelerate and secure video game development. Thus, Steam Guard allows for the activation of dual authentication on the platform and ensures a better level of security by sending a security code to each Steam user’s email inbox.

stardock

This platform’s players are choice targets, because they may have ships or rare precious objects or artifacts (in their game inventory), which can be resold for thousands of euros on the Internet.

The Steam Guard approach, although limited, allows for reducing the risk of identity theft within the platform of online games to some extent. However, by coupling the use of a Gmail mailbox with a Steam account, an additional level of security can be ensured. In fact, Google technology can send an SMS containing an authentication code to one of the services offered by Google during a user’s logon.

Friday, April 18th, 2014

A new talent

embauche

Since April 2014, a new collaborator and partner has strengthened our team. This is Jimika, who will be responsible for the management of the company’s commercial position. She will also be responsible for the history of all of our customers and partners specializing in computer security.

Jimika has more than 15 years of professional experience, strengthened by diplomas ranging from the school of commerce to financial expertise. Thus, she will enliven our client network and will be responsible for our new offering, the “incursion test,” that will be able to replace the black-box penetration test.

jimika-securite-informatique

Our new colleague, through her role as a partner, will bring insight so that the Talsion defense position and the new needs of our clients are in perfect harmony. This approach facilitates the creation of new high security missions to strengthen our clients’ information system level of defense, especially due to the constant evolution of computer penetration testing and research in computer security.

In fact, the year 2014 will see the arrival of a set of new technological positioning and will drastically increase our customers’ level of safety. This new direction will be in line with international security issues, particularly following the Snowden case.

Therefore, Jimika will be in charge of articulating the full commercial potential of our creations to commercialize new technologies and new security audits that remain one of our society’s major challenges today.

Saturday, March 8th, 2014

Nemesis‭ & ARM

python

At the end of march 2014, we ended the portage of the “identification & topology” portion of our Nemesis framework on ARM technology, so we reduced Nemesis’s electricity consumption by 70%.

This approach allowed us to model our libraries and conventional tools on a new hardware platform, combining low electricity consumption with an extreme reduction in the amount of congestion in our technologies during the administration of a mission in the field.

nemesis-green

During the complete portage of our technology, we are able to obtain one of the most economic energy-related computer penetration tools in the field of information systems security.

According to tests performed internally on a complete architecture made up of more than 80 processors and 40 Gigs of RAM, we achieve a consumption of about 40 A (200 Watts), or the equivalent power of a single traditional Intel-processor based server.