e-Lock Corporation Sdn Bhd

17/09/2022

As businesses and government continue to embrace digitalisation, the likelihood of a data breach increases.

For the past 22 years, e-Lock Corporation had consulted companies, government agencies and financial institutions to help them ensure that critical business and staff data remain secure and protected.

Let us help your organisation find the gaps in your network security before the bad guys discover them.

Get more details here: https://www.elock.com.my/pentest

10/02/2021

Wishing all our customers, partners and friends, Gong Xi Fa Cai.

Stay safe while celebrating the Niu Year.

24/12/2020

Wishing our customers, partners and friends, A Merry Christmas!

17/11/2020

We help you manage and protect your network from ransomware attacks so that you can stay focussed on your business.
You can get more information here: https://www.elock.com.my/matrix-service-corp

18/09/2020

Would you rather be busy growing your business or fighting ransomware attacks?

Let the professionals help take the stress off your shoulders when it comes to protecting your business from ransomware attacks.

Talk to us - https://www.elock.com.my/matrix-service-corp

30/08/2020

10/08/2020

Camera manufacturer Canon appears to have become the latest high-profile organization to fall victim to a ransomware attack, which has paralyzed its email services, US website, and various internal applications. The incident caused the company to suffer a worldwide service outage that spanned multiple days, preventing users from uploading exercise data to Garmin Connect and using its aviation navigation service, FlyGarmin.

Recently, the ​Canon has undergone a ransomware attack that has a very large influence on various services of Canon, like its email, USA website, Microsoft Teams, and many other internal applications.

26/06/2020

Black, Grey, and White Box Pe*******on Testing. What are the differences?

- A Black Box Pe*******on Test is unauthenticated, where the pe*******on testing team don't really know much about the environment. It emulates an adversary with little knowledge about the target and environment, except the IP Address, URL, or hostname.

- A Grey Box Pe*******on Test is a credential authenticated test, where the pe*******on testing team has the user-level access with some knowledge about the target. The information the pentester knows is typically from the perspective of a user on the network or user on your system, for example: physicians' portal or a patient portal of a healthcare provider. This is used to emulate an insider threat or user on a system with malicious intent or that had their account compromised.

- A White Box Pe*******on Test is where the pe*******on testing team has full/administrative/root-level access to the system, documentation, source code, software developers, etc. It is performed typically during software/application development.

To find out how we can help your organisation to deploy these type of testing, click here: https://bit.ly/fb_blackgreywhite_box

24/06/2020

5. Security posture assessment (SPA) - Ways to Improve the Security Posture at Your Organization

Organizations need to have a strong cybersecurity posture as this will enable them to adequately detect and manage intrusions across networks. There are a few best practices that you can implement to improve your organization’s security posture.

i. Conduct a cybersecurity risk assessment
By conducting a cybersecurity risk assessment, it identifies the level of vulnerability across various assets within your organization. The results of the assessment will help you determine which actions need to be taken to enhance your security posture as well as inform the security controls you put in place to protect against future attacks.

ii. Educate your employees
It is essential to prioritize employee training as a means of protection against external cyber threats. Security training should be administered to every employee during the onboarding process, based on job function and seniority.

iii. Implement automated cybersecurity solutions
Implementing automation into your organization’s network environment is imperative when working to mitigate risk and improve security practices. Additionally, automated cybersecurity solutions can help cut down incident response times and stop attacks from spreading across networks.

To find out how we can help improve your organisation’s Security Posture, click here: https://buff.ly/2V9grNJ

22/06/2020

Why You Need a Manual Pe*******on Test?

Even with automated machine learning pe*******on test programs, there are still items that require human attention to verify.

Blind SQL Injection - SQL injection occurs when a user of the application injects SQL commands into the backend of a database. While developers have found ways to suppress errors displayed on the screen and instead log errors on the back-end, hackers are still able to find ways to exploit vulnerable areas. A manual pe*******on test is more effective in discovering some vectors of attack or business logic error.

Broken Access Control - Access control and session handling are two of the hardest areas to secure within web applications. This is another blind spot for automated scanners.

Cross-Site Request Forgery attacks – This attacks occur when an application fails to provide a mechanism to verify that the request being issued is truly being requested by the account user. Such attacks are difficult for automated scanners to detect because they either show a false positive when they believe a CSRF token is not present, or a false negative when tokens are present but are not functioning properly.

To find more on our manual pe*******on testing methods, click here: https://bit.ly/li_manual_pentest

19/06/2020

What is Manual Pe*******on Testing?

Manual pe*******on testing is the testing that is done by human beings, instead of automated pe*******on testing tools. In such type of testing, vulnerability and risk of a machine are tested by an expert engineer.

Generally, testing engineers perform the following methods:
• Data Collection − One can either collect data manually or use tool services (such as webpage source code analysis technique, etc.) freely available online. These tools help to collect information like table names, DB versions, database, software, hardware, or even about different third party plugins, etc
• Actual Exploit − This is a typical method that an expert tester uses to launch an attack on a target system and likewise, exploiting the identified vulnerability in attempts to gain administrative access of the targeted system.
• Report Preparation − Once the pe*******on is done, the tester prepares a final report that describes everything about the system. Finally, the report is analysed to take corrective steps to protect the target system.

To find out how our robust manual pe*******on testing methods can help secure your organisation, click here: https://bit.ly/fb_manual_pentest

17/06/2020

What is Automated Pe*******on Testing?

Automated pe*******on testing is a much faster & easier method to test the vulnerability and risk of a network automatically. This technology does not require any expert IT engineer, rather it can be run by any person having least knowledge of this field. Some example of tools for automated pe*******on testing are Nessus, Metasploit, OpenVAs, Kali Linux, etc.
If you are keen to know more about our pe*******on testing services (using a combination of automated and manual testing methods), click here: https://bit.ly/fb_auto_pentest