Secure IT right.

Enterprise companies, government agencies, educational, and non-profits are among the organizations targeted every day – many of whom are woefully unprepared to respond to security incidents.
Mytseclabs was founded with the mission of protecting sensitive data, and IT systems. With a decade of combined experience, hundreds of hours of practice, and core values from our time in service, we will use our skill set to secure your environment.

By using the latest techniques, methodologies and attack simulation from an adversary prospective, we make sure that your organization is approaching the best practice to mitigate the risk at the lowest cost. Our aim is to contribute to the efforts of our customers in securing the critical IT infrastructure and crown jewels within their IT landscape.

We offer a cost-effective Secure Email Gateway(SEG) based on OpenBSD that provides SPAM, Virus and Malware protection controls, full in‐transit and at‐rest email encryption. It features the latest email authentication techniques such as SPF (Sender Policy Framework), DKIM (Domain Keys Identified Mail) and DMARC (Domain‐based Message Authentication, Reporting and Conformance) in order to combat email spoofing, phishing, scams, email compromise attacks.

This Secure Email Gateway(SEG) combines Open Source technologies such as OpenSMTPD, RSpamd, ClamAV, Senderscore and OpenPGP Web Key Service under one unified package of incoming and outgoing emails for your organization.
It can be deployed to protect your in‐house email solution as well as cloud email solutions such as Google Mail(Workspace) and Microsoft Office 365

Information technology (IT) systems are the backbone for a significant number of modern business enterprises. These include software applications, network solutions, and server hardware used to maintain operations and deliver value to customers. Therefore, protecting them from the ever-present threat of cyberattacks should be a priority for these organizations. Systems hardening is just one of the ways to ensure the operational efficiency of these systems.

As a result, businesses need to take the necessary steps to protect themselves and their customers from attacks. Systems hardening should be an essential part of these steps necessary for an effective defense against cyberattacks.

An external penetration test emulates the role of an attacker attempting to gain access to an internal network without internal resources or inside knowledge. A Mytseclabs engineer attempts to gather sensitive information through open-source intelligence (OSINT), including employee information, historical breached passwords, and more that can be leveraged against external systems to gain internal network access. The engineer also performs scanning and enumeration to identify potential vulnerabilities in hopes of exploitation.

An internal penetration test emulates the role of an attacker from inside the network. A Mytseclabs engineer will scan the network to identify potential host vulnerabilities. The engineer will also perform common and advanced internal network attacks, such as: LLMNR/NBT-NS poisoning and other man- in-the-middle attacks, token impersonation, kerberoasting, pass-the-hash, golden ticket, and more. The engineer will seek to gain access to hosts through lateral movement, compromise domain user and admin accounts, and exfiltrate sensitive data.

Wireless testing is the evaluation of your wireless posture. Nearly every business provides wireless access for their employees. Some go as far as allowing guests on the network. Our engineers evaluate WPA password strength, perform evil twin attacks, conduct WPA-Enterprise bypassing attacks, and evaluate network visibility and segmentation.

Web application testing measures the security posture of your website and/or custom developed application. Mytseclabs performs full unauthenticated and authenticated testing based on strict OWASP guidelines. Our engineers focus on identifying weak points across the entire web application to ensure your applications and data stay safe. Testing activities include hunting OWASP Top 10 Vulnerabilities, website mapping and enumeration, testing for injection attacks (SQL, JavaScript, LDAP, etc.), testing for remote code execution, malicious file upload abuse testing, and more.

A cloud security assessment evaluates your organization’s cloud infrastructure. Our engineers can assist with an assortment of services to evaluate your organization’s cloud security posture, including cloud architecture reviews, Web Application assessments, host audits, and Infrastructure-based penetration testing.
Console audits for AWS, Azure, and GCP consider the organization’s cloud perimeter and internal network architectures. After reviewing the architecture, the engineer validates the implementation on the system consoles. This review precipitates architectural and detailed implementation recommendations for improvement.
Console Architecture Assessment A console architecture assessment considers the perimeter and internal network architectures and configurations.

Not all companies require a penetration test to successfully evaluate their security posture. Regular vulnerability scans are often an alternative. An engineer performs vulnerability scanning to search systems for known vulnerabilities without exploitation attempts with an end goal of providing a remediation report prioritized on risk.

We are also passionate about teaching others. We offer a range of packages, including scheduled training events, private corporate events, and even one-on-one training for those looking for a more personal experience.

Sometimes, your organization doesn’t fit into “off the rack” assessments and that’s okay. We’re here to tailor to you and be a perfect fit. If you’re seeking security consulting that’s not listed here, please contact us and let us know how we can help.