Our services
The services we provide are structured in multiple different categories. Read more about our cybersecurity & governance services below.
Request Free Access to Services
Got questions about cybersecurity for your business? We’ve got you covered. Feel free to ask any question – we’re here to help!
Service Packages
Cyber Maturity Package (Basic Package)
• Digital maturity assessment;
• Risk assessment;
• Vulnerability Assessment;
• Penetration Test;
Cyber Confidence Package
• Training of operational and management staff;
• Digital maturity assessment;
• Risk Assessment;
• Vulnerability Assessment;
• Penetration Test;
• Digital Conference Participation;
Cyber start-up package
• Evaluation of digital Maturity;
• Risk assessment;
• Vulnerability Assessment;
• Penetration test;
• Software product penetration test within Trakia Cyber Range;
• Participation in investor seminars;
• Participation in a digital conference;
• Participation in a funding seminar
or any other service from access to
funding or Ecosystem.
Digital Municipality Package
• Digital maturity assessment;
• Training of operational and managerial staff;
• Risk Assessment;
• Vulnerability Assessment;
• Penetration testing;
• Participation in a digital conference;
• Participation in funding workshop or any other service from access to funding or Ecosystem.
Managed Security Services
Digital Maturity assessment
The expected progress in digital maturity of each EDIH recipient will be measured through a new Digital Maturity Assessment tool that will be put at the disposal of the EDIH community by the Commission, and whose adoption by all grantees will be mandatory in order to ensure proper comparability and aggregation of data at regional/national/EU level.
Vulnerability assessment
A vulnerability assessment is a systematic review of security weaknesses in an information system. It evaluates if the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation, if and whenever needed.
Threat/Risk assessment
A cyber security risk assessment is the process of identifying, analysing and evaluating risk. It helps to ensure that the cyber security controls you choose are appropriate to the risks your organisation faces. Without a risk assessment to inform your cyber security choices, you could waste time, effort and resources. There is little point implementing measures to defend against events that are unlikely to occur or won’t impact your organization.
Penetration tests
White box penetration testing
A method of testing where testers target individual binary components or the application as a whole to determine whether intra or intercomponent vulnerabilities can be exploited to compromise the application, its data, or its environment resources. White box penetration testing, sometimes referred to as crystal or oblique box pen testing, involves sharing full network and system information with the tester, including network maps and credentials. This helps to save time and reduce the overall cost of an engagement. A white box penetration test is useful for simulating a targeted attack on a specific system utilising as many attack vectors as possible.
Grey box Penetration Testing
A method of testing where testers target individual binary components or the application as a whole to determine whether intra or intercomponent vulnerabilities can be exploited to compromise the application, its data, or its environment resources. In a grey box penetration test, also known as a translucent box test, only limited information is shared with the tester. Usually this takes the form of login credentials. Grey box testing is useful to help understand the level of access a privileged user could gain and the potential damage they could cause. Grey box tests strike a balance between depth and efficiency and can be used to simulate either an insider threat or an attack that has breached the network perimeter.
Black box Penetration testing
A method of testing where testers target individual binary components or the application as a whole to determine whether intra or intercomponent vulnerabilities can be exploited to compromise the application, its data, or its environment resources. In a black box penetration test, no information is provided to the tester at all. The pen tester in this instance follows the approach of an unprivileged attacker, from initial access and execution through to exploitation. This scenario can be seen as the most authentic, demonstrating how an adversary with no inside knowledge would target and compromise an organisation. However, this tyically makes it the costliest option too.
Operation technologies penetration testing
OT Penetration Testing for OT cloud services/systems by analysing all possible attack vectors and test all access point from external untrusted network to the cloud infrastructure. In addition, conduct a full vulnerability assessment for the deployed cloud systems.The main focus is that penetration testing is applied to specific industrial technologies used in manufacturing and healthcare.
Consulting
Consulting
The consulting services will be at the core services of EDIH Trakya. The services will be including: Digital strategy, Digital modernization and Digital Deisign and Enablement, and Digital repports
Cyber range as a Service
Next-generation cyber-range-as-a-service (for training)
The majority of security training today is done through online and face to face training courses. In both cases, most of the learning occurs through listening to videos or live lectures, and through reading notes or slides. Relatively little time is spent on hands-on learning. The use of cyber ranges changes that as it can provide a convenient and more cost-effective way of delivering hands-on training, as well as the associated training assessment and certification. According to Gartner, by 2022, 15% of large enterprises were already using cyber ranges to develop the skills of their security teams, up from less than 1% a few years back.Security education specifically refers to academia as opposed to the lifelong learning and training that professionals undergo after they leave university. One of the recurring complaints from industry is the lack of hands-on experience by young graduates. The root cause of such a gap is the cost and complexity of providing students with hands-on experience while at the same time not diluting the educational value of university degrees. Universities around the world have begun looking at cyber ranges as a means of improving teaching and learning.
Next-generation cyber-range-as-a-service (for Proof of Concept)
Cyber Range is a virtual environment that supports cyber security training, cyber security exercises, testing of contingency plans or incident response processes to enhance the resilience and increase cyber security capabilities of organizations.
Next-generation cyber-range-as-a-service (for competence/recruitment assessments)
Competence is a set of attributes such as knowledge, skills and abilities required to successfully perform specific tasks. As the security skills gap increases, organisations need an efficient way of assessing and selecting the right personnel. Using cyber ranges can allow organisations to perform competence assessment beyond the traditional tests, based on multiple choice questions or theoretical simulations. Cyber ranges allow the assessment to be practical and based on the successful completion of practical tasks and/or on the observation of user behaviour and choices made in the execution of practical tasks or assignments.; As cyber ranges are used for competence assessment, it is also to be expected that they will change hiring practices allowing organisations to better identify, validate and hire suitable candidates. This application is highly dependent on the development of the national and international competence frameworks currently being developed around the world.
DefeatRansomeware
DefeatRansomeware
The power of the Hub's HPC will be used to provide solutions on the biggest cybersecurity threat in Europe at the moment - ransomeware. Working with advanced mathematical and statistical models and DefeatRansomeware package will focus on providing solutions and new ways in combating Ransomeware.
Skills and trainings
Security Fundamentals
• Cyber Security Introduction
• Network Fundamentals
• Web Fundamentals
• Linux Fundamentals
Penetration Testing Fundamentals
• Penetration Testing Methodologies
• Black box, White box, Grey box
• Network Security
• Vulnerability Research
• Metasploit
• Introduction to Web Hacking
• Burp Suite
• Privilege Escalation
Web Hacking Fundamentals
• Introductory Networking
• Web Fundamentals
• BurpSuite & OWASP Zap
• Common web application security vulnerabilities
Cyber Defense
• Basics of networking, host-based systems, and active directory.
• Threat and Vulnerability Management
• Security Operations & Monitoring
• Incident Response and Forensics
• Basic Malware Analysis
Offensive Pentesting
• Active Reconnaissance
• Vulnerability Scanning
• Privilege Escalation
• Vulnerability Scanning
• Handling Public Exploits
• Password Cracking
• Metasploit Framework
• Web Application Attacks
• Windows buffer overflow vulnerabilities
• Exploitation of services vulnerable to buffer overflow
• Active Directory Basics
• Exploiting Domain Controllers
• Post exploitation
Other services
HPC and AI generic training
1. Artificial Intelligence Foundation
2. Introduction to Artificial Intelligence (AI) and Machine Learning (ML)
3. Artificial Intelligence for Business Users 4. Nexus between HPC and AI
Investor Days (meetings with national and international investors)
Investors days will meet successful national and international investors with innovative companies and start-ups. The companies will have the opportunities to provide a pitch session for their products and services.
Debt funding, Crowdsfunding, Angels investments
Investors seminars will provide seminars between SMEs and the Public Administration and Investors and lectures from the proposed categories. The seminars will also demonstrate succesfull tactics to provide the abovementioned funding.
EU and national funding opportunities seminars
The EU and national funding opportunities seminars will provide access to experts on EU and National funding and help companies to prepare for the financing opportunities in the 2021-2027 MFF and national operative programs.
Conferences
The proposed thematic conference will provide a platform for all the relevant stakeholders to discuss the challenges and opportunities for SMEs and Public organizations in terms of their digitalization path. The thematics of the conferences will be provided by a survey among the customers of the Hub and address all the relevant issues concerning their cybersecurity and digitalization.
Online seminars
The online seminars will gather at one plase all the relevant stakeholders from the cybersecurity ecosystem on regional, national and European level. The planned seminars will bring togther representitives of cybersecurity companies, relvant public bodies responsible for the development of cybersecurity ecosystem on the side of the cybersecurity providers and SMEs and public administration bodies on the side of consumers of cybersecurity products and services.
Demonstration days
Demonstrations days will provide platform for the providers of cybersecurity solutions to present and demonstrated in close to real enviroment their solutions on cybersecurity.
Integrated provisioning of digitalization services
The platform will be providing access to all the services of the Hub in a seamless and online way to the participants and clients of the hub.