IT Security

Cybersecurity & External Penetration Testing

Threats to IT systems are a constant menace and organizations need to be confident that their systems are robust against a variety of external threats.

Penetration testing under controlled conditions to locate and assess possible vulnerabilities and test how robust IT systems cope against realistic attacks are now standard industry practice.

EBM offers international standard (ISO 27001) External Penetration testing of IT systems, undertaken by our team of highly experienced, certified industry professionals with more than 25 years of experience.

The External Penetration Test assesses the security surrounding externally connected systems as well as within a corporate network.

Controlled tests by our expert team are used to seek access to our client’s internet resources and ultimately to the internal network. The testing involves the finding and exploitation of actual known and unknown vulnerabilities from the perspective of an outside attacker.

Full and detailed reports and advice are subsequently prepared for the client to improve and strengthen their systems as and where required.

Contact us for full details of our Cybersecurity & External Penetration Testing services.


Mobile Phone Handset Security

The data and security of smart phone handsets can be compromised in a variety of ways if suitable security systems, settings and best practices are not implemented.

EBM’s security team offers two key services regarding handset security:


Configuration Review

Security configurations vary from handset model to model. EBM offer a thorough check of the handset to test whether its security configuration is set up in line with the best industry practices.


Penetration Testing

Penetration testing is a method for identifying vulnerabilities in a mobile device and exploiting such vulnerabilities. Our controlled testing principally covers attack scenarios including:

“Lost-Phone” – a test of how vulnerable the handset is to data and information loss in the event of handset loss.

“Man-in-the-Middle Attack” – a test of the vulnerability of the handset to a technical attack by a malicious third party.

“Socially Engineered Attack” – a test of the vulnerability of the handset support systems to socially engineered attacks by a malicious third party.

Following the rigorous testing full reports are delivered to the client outlining vulnerabilities found and recommended remedial action.

Clients requiring Mobile Phone Handset Security services typically include key principals and senior management of organizations and individuals who travel frequently.

Contact us for full details of our Mobile Phone Handset Security services.


Technical Surveillance Counter Measures (TSCM) and Eavesdropping Detection Audit (EDA)

EBM Consulting offer an industry-leading TSCM & EDA sweep and analysis of rooms, premises and locations utilising a combination of specialist radio and telecommunications line analysing equipment and extensive physical searches by experienced operatives.

Our TSCM team is available at short notice in Hong Kong and will survey premises quickly and discreetly, assess any threats located and provide professional strategies & solutions.

Contact us for full details of our Technical Surveillance Counter Measures (TSCM) and Eavesdropping Detection Audit (EDA) capabilities and services.