Alzette Information Security

About Us

Alzette Information Security is a consulting and training company specialized in information security, providing exceptionally high quality, tailor-made services to customers through skills, experience, and enthusiasm.

MISSION: Our mission is to work together with our clients in order to help them align information security with their business needs.

VISION: Our vision is to make the Internet a safer place for individuals and businesses so that they can grow, learn and share knowledge with each other.

Get in Touch

Our Team

Alzette Information Security is providing the highest quality information security services. Our security consultants are experts in working with large and complex environments and have more than 8 years of experience with extensive background in designing and implementing security solutions. Alzette Information Security consultants work closely with customer staff members throughout the entire project in order to address any issues and provide the finest, tailor-made solutions aligned to our client’s business needs. We are known for our precision and excellence; strict quality checks applied to every major milestone and project deliverable to ensure the best results. Our highly skilled consultants have the most up-to-date knowledge as they frequently attend security conferences, follow industry trends, participate in training and obtain certifications.

Eva Szilagyi

Managing Partner, CEO

Eva is Managing Partner and CEO of Alzette Information Security with more than 8 years of professional experience in security source code review, penetration testing, vulnerability assessment, vulnerability management, digital forensics, IT auditing, telecommunication networks and security research. She has two Master’s degrees; one in Electrical Engineering and another one in Networks and Telecommunication.

She holds the following industry-recognized information security certifications: GIAC Security Essentials Certification (GSEC), Global Industrial Cyber Security Professional (GICSP), GIAC Continuous Monitoring Certification (GMON), GIAC Secure Software Programmer-Java (GSSP-JAVA), GIAC Web Application Penetration Tester (GWAPT), GIAC Mobile Device Security Analyst (GMOB), eLearnSecurity Web Application Penetration Tester (eWPT), eLearnSecurity Junior Penetration Tester (eJPT), QualysGuard Certified Specialists (QGCS).

Eva has spoken at international conferences like Nuit du Hack (2018), BSidesBUD (2018), BSides Munich (2018), Pass the SALT (2018), Security Session (2018) and she is member of the organizer team of the Security BSides Luxembourg conference.

David Szili

Managing Partner, CTO

David is Managing Partner and CTO of Alzette Information Security with more than 8 years of professional experience in penetration testing, red teaming, vulnerability assessment, vulnerability management, security monitoring, security architecture design, incident response, digital forensics and software development. He has two Master’s degrees; one in Computer Engineering and another one in Networks and Telecommunication and also has a Bachelor’s degree in Electrical Engineering.

He holds the following industry-recognized information security certifications: GIAC Security Essentials (GSEC), GIAC Certified Enterprise Defender (GCED), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), GIAC Continuous Monitoring Certification (GMON), GIAC Network Forensics Analyst (GNFA), GIAC Python Coder (GPYC), GIAC Mobile Device Security Analyst (GMOB), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), EC-Council Certified Ethical Hacker (CEH), eLearnSecurity Certified Professional Penetration Tester (eCPPT Gold), eLearnSecurity Mobile Application Penetration Tester (eMAPT), eLearnSecurity Network Defense Professional (eNDP), SecurityTube iOS Security Expert (SISE), Sophos Certified Architect (UTM), Sophos Certified Engineer (UTM, Web Protection), Palo Alto Networks: Accredited Configuration Engineer (ACE), QualysGuard Certified Specialists (QGCS).

David is an instructor at SANS Institute, teaching FOR572: Advanced Network Forensics. He has presented at conferences like BruCON (2017), Hack.lu (2013, 2016, 2017), Hacktivity (2008 and 2016), x33fcon (2018), Nuit du Hack (2017, 2018), BSidesBUD (2017, 2018), BSidesLjubljana (2017), BSides Munich (2018), Pass the SALT (2018), Security Session (2018), SANS @Night Talks (2017, 2018), and he is member of the organizer team of the Security BSides Luxembourg conference.

Services

Alzette Information Security offers the following consulting services:

Security Monitoring and Threat Hunting

Deployment, fine-tuning and management of open source and commercial Network or Host-based Intrusion Detection/Prevention System (NIDS/NIPS or HIDS/HIPS), Network Security Monitoring (NSM) and Security Information and Event Management (SIEM) solutions. Threat hunting exercises to proactively identify signs of compromise.

Digital Forensic and Incident Response

Digital Forensic (DF) and Incident response (IR) activities, analysis of artifacts, disks, memory images and mobile devices using methodologies, procedures, techniques and industry-accepted hardware and software solutions that preserve the chain of custody and admissible in a court of law.

Malware Analysis and Threat Intelligence

Dynamic and static analysis of malicious software and cross-checking results with threat intelligence sources like CIRCL's Malware Information Sharing Platform (MISP).

Security Architecture and Design

Architecture design, review and audit for defensible networks, cloud solutions, endpoints and applications using tried and tested security models, methods, components and concepts.

Training

Training for professionals; network security, endpoint security, network security monitoring, log analysis and monitoring, penetration testing, secure coding. User awareness programs for employees, professionals, developers, and executives.

Source Code Review and Secure Development

Security source code review services for languages including but not limited to Java, JSP, ColdFusion, PHP, .NET, C/C++, Python. Design and implementation of Secure Development Life Cycle and Secure DevOps.

Vulnerability Assessment and Management

Vulnerability assessment services using automated scanners configured for the target environment, where results are manually evaluated by experts to remove false-positives. Continuous assessment and remediation of vulnerabilities through our vulnerability management services.

Penetration Testing and Red Teaming

External and internal network penetration testing, wireless penetration testing based on the Penetration Testing Execution Standard (PTES) and the Open Source Security Testing Methodology Manual (OSSTMM) methodologies. Red team engagements that include social engineering, physical penetration and advanced techniques like USB HID attacks.

Application Security Testing

Web, mobile and thick/binary application penetration testing based on methodologies such as the Open Web Application Security Project (OWASP) Testing Guide.

Alzette Information Security

We are passionate about our profession; we participate in open source projects and very active in the information security community, organizing events and presenting at various conferences.

Information Security

Much like a river, information security is an ever-changing flow, therefore security controls must be clear, simple and constantly adapted to the current threat landscape.

Our Services

We offer a wide variety of defensive and offensive information security consulting services as well as trainings for professionals and user awareness programs for employees.