About us


Sonrai Security was established to provide advanced Information Security services to the Irish marketplace. 

 

Our client portfolio includes government agencies, energy distributors, international telecommunications, private hospitals, logistics providers, publishers, PR agencies, non-governmental organisations, and Internet service providers.

 

Our consultants' multi-disciplinary expertise allows them to assess, plan and implement the most effective solution for your business.

 

 

Penetration testing


Penetration testing, also known as security assessment, is not to be confused with vulnerability auditing. In essence, it is the process of actively evaluating your information security measures. The emphasis is on active: taking the role of an aggressor and testing all information systems to find any security issues, as opposed to a solely theoretical or paper-based audit exercise.

Our assessment process is constantly being refined to take into account the most up-to-date methodology and techniques, and is conducted in accordance with the recommendations outlined in NIST SP 800-115 and the OSSTMM version 3.02.

Why conduct a penetration test?

From a business perspective, penetration testing helps safeguard your organisation against failure, through:

  • Preventing financial loss through fraud (hackers, extortionists and disgruntled employees) or through lost revenue due to unreliable business systems and processes.
  • Proving due diligence and compliance to your industry regulators, customers and shareholders. Non-compliance can result in your organisation losing business, receiving heavy fines, gathering bad PR or ultimately failing. At a personal level it can also mean the loss of your job, prosecution and sometimes even imprisonment.
  • Protecting your brand by avoiding loss of consumer confidence and business reputation.
  • From an operational perspective, penetration testing helps shape information security strategy by identifying vulnerabilities and quantifying their impact and likelihood so that they can be managed proactively; budget can be allocated and corrective measures implemented.

What can be tested?

All parts of the way that your organisation captures, stores and processes information can be assessed; the systems that the information is stored in, the transmission channels that transport it, and the processes and personnel that manage it. Examples of areas that are commonly tested are:

  • Off-the-shelf products (operating systems, applications, databases, networking equipment etc.)
  • Bespoke development (dynamic web sites, web applications, in-house applications etc.)
  • Telephony (war-dialling, remote access etc.)
  • Wireless (WIFI, Bluetooth, IR, GSM, RFID etc.)
  • Personnel (screening process, social engineering etc.)
  • Physical (access controls, dumpster diving etc.)

Our assessment process is divided into 4 main phases: reconnaissance, vulnerability analysis, exploitation, and reporting. 

  • The reconnaissance section will detail the steps taken to profile your organisation and its assets and staff for potential issues, making use of tools and techniques similar to those employed by an attacker.
  • A vulnerability analysis is then carried out, making use of various best-of-breed industry tool-sets, in order to identify and classify vulnerabilities within the target infrastructure.
  • The exploit section makes use of the information gathered in the reconnaissance and vulnerability analysis phases to actively seek and exploit any identified issues.
  • The last phase, reporting, contains a number of sub-sections; these record the methodology, identified issues, various metrics, and mitigation status of any issues identified.

The draft and final reports reflect these phases in their structure, and a report and debriefing session presents the findings and allows corrective strategies to be discussed.

Contact us to discuss your particular needs.

Incident Response


Prevention is of course the desirable course of action, but in the event an incident does take place you need an efficient, experienced response.

Using best-practice methodologies and techniques, our consultants will quickly move to secure your IT infrastructure and preserve evidence for further investigation. They will then help to normalise operations in your organisation to prevent further exposure and loss of revenue.

 

If an incident is in progress, time is of the essence: a proper record of events should be maintained and any backups located and secured. Contact us to help resolve the issues and restore your IT infrastructure to a secure state.

IN THE MEDIA


 

Cillian Hogan, the CEO of Sonraí Security, has written and contributed to a number of information security articles in print publications. These include:

Sunday Business Post, 2nd March 2008: Computers in Business supplement

As a contributor to the piece Ensure safer productivity [paywall]

"Businesses need to achieve a balance between keeping their systems secure and not hampering employee productivity".

 

Smart Company Magazine June/July 2007

As author of the article The 10 commandments of IT Security

It was republished by the FSH Security Centre website in July 2008. A Smart Company podcast for July 2007 features the editor Niall Kitson and Cillian Hogan discussing the above article.

 

Smart Company Magazine September 2005

As author of the Notes from the Field column Understanding IT usage Policies.

 

Smart Company Magazine June 2005

As author of the Notes from the Field column Data Protection and Compliance.

 

 

Managed Services


We possess a wealth of experience in managing all facets of a modern company's IT infrastructure at every level and currently do so for a number of clients with diverse business needs. Our clients include locum management services, private hospitals, schools, publishers, advertisers, and internet service providers. A quick response and resolution time with friendly and efficient service are our primary goals.

We provide complete management solutions for a company's IT infrastructure as well as tailored packages to allow a company to outsource particular tasks to experts in those fields at competitive rates.

Some of the services we manage for our clients:

  • Internal Network and day to day computing needs
  • Planning and Implementation of new services
  • Network Perimeter Security (advanced high availability solutions are our speciality)
  • Webfarm assets, configuration and security

Contact us today to discuss your needs.

Forensic Investigation


There are many reasons why a Computer Forensics Investigation is initiated:

  • Corporate Espionage
  • Computer Break-ins
  • Inappropriate Internet Surfing and/or Email Usage
  • Theft
  • E-Stalking
  • Breach of Contract
  • Digital Fraud

To name but a few examples.

A standard investigation consists of three phases:

  1. Evidence Collection

  2. Analysis

  3. Reporting

The first phase tends to be the most disruptive and we have invested in the most technically advanced solutions to minimise disruption. Our fully mobile forensic toolset enables us to gather evidence on site and if required continue all elements of the investigation there. This toolset allows us to gather evidence from every type of storage in use today as well as a number of obsolete forms; it also enables us to capture from various devices in everyday usage from mobile phones to digital media players.

Once all relevant evidence has been collected an analysis phase ensues.  The assigned investigator collates and examines all evidence on file while an evidence trail is maintained to comply with legal requirements.

A report is provided upon completion of the forensic investigation as well as a briefing on its findings.

InfoSec Consulting


We have a wealth of experience in the information security arena to put at your disposal in solving the problems your organisation must contend with.

 

IT Policy and Procedures Framework Consulting

Every organisation should have a well maintained employee handbook and policy & procedure framework. We can help to design or update your computer usage policy program and all facets of your policy and procedural framework to deal with the many issues an organisation faces in the real world. The issues a framework and associated documentation should address include incident response, BYOD [Bring Your Own Device], data retention/destruction and recovery, access controls, to name but a few.

 

Auditing and Compliance Consulting

Auditing of IT resources and processes has become more important in recent years as legislation mandating corporate and enterprise auditing requirements has come into law in various regions. Your business may find itself required to meet certain internal standards for a variety of reasons. Sonrai Security can help in achieving this, whether your goal is complete ISO/IEC 27000-series compliance, verification of software license usage or testing the perimeter firewall rule set.

 

High availability infrastructure planning and implementation

Need your network to stay online even if an ISP or device fails? We have implemented a myriad of cost-effective specialised solutions to suit our clients' needs.

 

Contact us to discuss your particular needs.

Contact Us


+353 1 443 4462

info@sonrai.ie

www.sonrai.ie
