Talsion insider. A look into the company

Tuesday, April 28th, 2015

Talsion Systems, the value of our creations

delivery

For 4 years now, we have been building innovative security solutions providing new avenues of protection for each of our customers.

Today this direction is valued within our company through the creation of a specific segmentation to communicate about each of the products we have created in our company.

Therefore, six new products have been introduced in our company’s catalog in 2015.

  • Talsion Filtering Proxy, a white list reverse proxy that is custom configured for each of our customers.
  • Talsion Activity Detector, a brick that facilitates piracy detection within a corporate network.
  • Talsion Virtual Safe, a high security virtual safe linking the software and hardware solutions. A beta version will be available in September 2015.
  • Talsion Network Gate, a gateway to the traditional or encrypted network feed using strong authentication with several vectors.
  • Talsion File Share, a customizable file exchange hub for creating exchange protocol mutualization.
  • Talsion Event Manager, a centralization solution of logs based on Elastic Search technology, to centralize all of the security bricks that we have created, as well as the events from the operating systems and applications.

Each of these products was created within our company and is based on specific developments and open source tested bricks.

These solutions are designed with the highest security requirement levels in order to guarantee the separation of powers, encryption of private information, and feeds.

This orientation is reinforced by the implementation of a specific centralized logging of events that may occur during the use of the solution.

Thursday, March 12th, 2015

Talsion Hosting, when hosting becomes security

delivery

We have just received the first server intended for one of our customers to integrate our new Talsion Hosting platform.

We have chosen to capitalize our expertise around Dell products to build a solution that is supported and sustainable over time.

dell-usphere

A [u]sphere node is now hosted on the servers, including 3.5 GB of cache, two Intel Hexacore processors with a speed between 2.8 and 3.0 GHz and 48 to 64 GB of RAM depending on the needs of the hosted architecture.

Beyond the performance of the chassis, the hard drives are based on SSD technology and integrate automatic encryption of media (SED). This technology reduces the risk in the case of data theft. Upon request, this possibility can be strengthened by encrypting the hard disk software based on GELI, LUKS, Truecrypt, or BitLocker.

ssd-dell-intrusion

We also have just received our new Giga network cards consisting of 6 copper ports that are able to carry our Dell servers to 16 Ethernet ports in order to perform specific operations.

In addition, we have chosen an ISO27001 data center a few kilometers from our office, so we can intervene in less than 20 minutes, to curb incidents directly on our equipment and servers.

Each server is equipped with dual power supplies and dual network attachment, in order to limit the risk of failures or production mishaps.

Talsion Hosting and [u] sphere are a direct result of our know-how and the security focuses that we usually offer to our customers following the completion of a penetration test that revealed computer faults.

Therefore, we treat all of the following hardening topics in Talsion Hosting: Application, Network, Physical, Organizational and System; that can find defects in an application’s security or a service directly in contact with the Internet network.

Saturday, February 28th, 2015

Questions of students

delivery

We present below some mission types, in order to respond to the questions of students who are interested in a computer security consultant’s missions. These questions often come up during the discussions they have during their computer security internships.

Auditing the security of a SAP transaction website

Customer’s needs: the agent for the mission wanted to audit the security of a SAP-based transaction website. This solution used a means of authentication based on specific material calculators. The database architecture was based on an Oracle platform and the entire solution was outsourced to a third-party company. It provided the maintenance, development, and security of the application in a partially shared environment.

Results of the mission: the audit highlighted flaws in the processing of user sessions, so a disruption in the Oracle database operation was possible.

ROI for the customer: this audit allowed our customer to increase his security level; therefore, the solution publisher could amend its application as a result.

Defining a transactional platform quickly

Customer’s needs: to define the security level of a transactional platform before being quickly put into production and to obtain technical advice facing the software solution publisher.

Results of the mission: during this consultancy mission following the penetration test, we highlighted serious weaknesses revealing significant gaps in programming with the solution publisher.

ROI for the customer: our mission helped the customer discover vulnerabilities in an application that was already in production with one of its subsidiaries and secure a new deployment by a modification in the application’s source code and the installation of an application filtering solution (reverse proxy filtering).

Audit the security of an ATM machine

Customer’s needs: to audit the security of an ATM before it is put into production. This ATM machine is made by a company that edits centralization software and provides cash deposit systems.

Results of the mission: during this penetration test we were able to analyze the protocol used by the ATM machine and the centralization software. Therefore, we were able to perform a “proof of concept”: HelloOtto software. This application allowed us to freeze financial deposits or perform fictitious ones.

ROI for the customer: This approach enabled the agent on the mission to get a modification to his application, free of charge, in order to take into account the flaws discovered during our audit. An important development in the architecture and isolation of different bricks was also made.

Obtaining the security level of an electronic signature solution

Customer’s needs: to get a clear picture of the security level of an electronic signature solution that allows people to sign and authenticate transactions completed online. The entire solution is hosted by a third party, and it is based on a proprietary solution.

Results of the mission: this analysis allowed us to validate the security level of the chip used to hold certificates, but the penetration test also revealed the possibility of bypassing user authentication and downloading a certificate before the official customer takes possession of it.

ROI for the customer: our customer was able to take advantage of a free portal change by the publisher, and the mission’s agent, with full knowledge, was able to decrease the maximum allocated amount for any transaction signed with this technology.

Evaluating the porosity of the internal network and SWIFT applications

Customer’s needs: to evaluate the porosity of the internal network and SWIFT applications as much at the AIX systems level as at the Windows platforms.

Results of the mission: With a single employee’s rights, this penetration test allowed the SWIFT transaction application’s SSO authentication to be broken and all kinds of operations to be performed on the targeted system. In addition, it was possible for us to take control of all the AIX and Windows network.

ROI for the customer: this mission allowed the release of a budget to establish a place where the infrastructure’s critical areas can be isolated, to create systems hardening procedures, and to control deviant behaviors.

Feel free to contact us at stage@talsion.com, if you’re looking for an internship in computer security in 2016.

Wednesday, January 28th, 2015

New year 2015

delivery

A new year has begun, with important developments in the organization of our company to create independent legal entities for each of our businesses. This reorganization, which is primarily legal in nature, allows us to separate certain operations.

Auditing and penetration testing, at the heart of our historical expertise, are now performed by Talsion Defense. Since January, our vision of computer security has been strengthened by two new operations:

The customized development of adapted software, based on the Python language, to create highly secure applications and websites. These developments combine the concepts of cryptography, strong authentication, and resistance to hacking. All of this expertise is handled by Talsion Systems.

Along with the creation of solutions that meet our customers’ needs, in 2015, Talsion Systems will offer some new products, such as Webgrinder, Netbuoy, and Tacio.

An introduction to the various products created by Talsion Systems follows:

Webgrinder (Talsion Filtering Proxy) is a technology created within our company that performs customized filtering solutions on application feeds directed to Internet sites. This technology is based solely on white lists in the image of firewalls and strong concepts of user context management.

Netbuoy (Talsion Activity Detector) is a multi-agent system based on Kibana visualization technology and on software buoy created specifically by our company, in order to detect certain abnormal behaviors within a computer network or a virtual environment. This technology is already available to our long-time customers.

Tacio (Talsion Virtual Safe), our virtual safe, is at the end of development the first prototype’s arrival scheduled for late September 2015.

This software orientation is reinforced by the new hosting operation in a secure architecture, in order to provide a very high level of tolerance to crashes, as well as computer attacks, ranging from physical intrusion to the traditional computer intrusion to denial-of-service attacks.

Beyond the approach consisting of setting up an enclosure of protection, we have built an organization to detect, identify, and contain threats that may occur within the platforms that we host. All of this new dynamic is handled by Talsion Hosting.

Our client’s systems are hosted in our bays within a Parisian data-centre, in accordance with standard ISO 27001. This base is strongly enhanced by the addition of specific bricks.

These strategic orientations are based on the know-how and expertise that we have acquired during 10 years of building the Talsion Defence information system and strengthening the security of our customers.