IstroSec

European Cybersecurity Company.
Threat Intelligence. Incident Response. Cyber Advisory.

Explore Us

I Have An Incident

I Want To Be Prepared

About Us

Research & Development

Generation of new knowledge on cybersecurity incidents, vulnerabilities and malware, development of specialized tools for prevention, detection and response.

Proactive Security

Ethical hacking, cyber intelligence, technical assessment and hardening of infrastructure and information systems, governance, risk management and compliance, trainings and exercises.

Reactive Security

Cybersecurity incident response, acquisition of digital evidence, digital forensics and court expert witness services. Malware analysis, malware vaccines development and cyber counterintelligence.

People trained

Malwares analyzed

IR and Forensic analysis

Penetration tests

APT groups faced

CVE published

Years of experience together

Phishing emails sent

We’re An European Cyber Security Company.

IstroSec is an ethical company that conducts its business activities honestly, apolitically, directly and fairly to all parties involved.

IstroSec’s Vision

To be an international leader in research, development and cyber security services and deliver strong, innovative and effective solutions to tackle cybersecurity challenges.

IstroSec’s Objectives

Our goal is to offer quality professional services to our customers at a reasonable price and to continuously increase our customer’s security resilience.

IstroSec’s Experiences

We have a track record of hundreds of incident response engagements, including APT groups, our own CVEs and countless pentests, malware analyses and trainings.

IstroSec’s Clients

Our customers are SMEs, corporations, Fortune 500 companies and governmental entities across all industries which take cyber security very seriously.

Our Services

Incident Response

Rapid on-site deployment and remote response and mitigation of computer security incidents.

Offensive Security

Vulnerability Assessment, Penetration Testing, Red Team and Purple Team Engagements.

Threat Hunting

Active hunting for threats in infrastructure based on TTPs and searching for indicators of compromise.

Defensive Intelligence

Data Leaks Searches and Analysis, ClearWeb, DeepWeb, DarkWeb.

Managed Defense

SOC Level 3+, administration and optimization of EDR, SIEM, SOAR and other cybersecurity technologies.

Digital Forensics

Acquisition of digital evidence, investigation, and reconstruction of security events and incidents. Processing of expert testimonies.

Malware Analysis

Analysis of properties, functionality, origin, potential impacts of malicious code, and reverse engineering.

Attack Simulations

Phishing, Spearphishing, Whaling. Custom Scenarios incl. Custom “Malware”. Simulation of advanced attacks and APT.

Audit and Advisory Services

Audits and Implementations of Security Frameworks, vCISO. Technical Audits and Hardening.

Trainings and Exercises

Trainings for personnel, IT professionals and management. Tabletop exercises and drills.

Incident Preparedness

Assessment of adequacy of processes and technology for swift and effective reaction.

IstroCSIRT Services

Full array of CSIRT services, including 24/7 DFIR and proactive security.

Our References

Together, this team has served 17 companies from FORTUNE 500

Three of us played a critical role in Slovakia’s victory at the NATO Locked Shields 2016 competition - beating world-class talent representing 25 other countries

Incident response experience against several nation-state APT attacks

Our Certificates

All Forensics Pentesting Other

GCFE

GIAC Certified Forensic Examiner

GCFA

GIAC Certified Forensic Analyst

GCPN

GIAC Cloud Penetration Tester

GXPN

GIAC Exploit Researcher and Advanced Penetration Tester

CISA

Certified Information Systems Auditor

CRISC

Certified in Risk and Information Systems Control

CISSP

Certified Information Systems Security Professional

OSCP

Offensive Security Certified Professional

OSWP

Offensive Security Wireless Professional

CRTP

Certified Red Team Professional

CRTE

Certified Red Team Expert

CEH

Certified Ethical Hacker

CCNA

Cisco Certified Network Associate

CCDCOE

NATO Cooperative Cyber Defence Centre of Excellence

Enisa

Mobile Threats & Incident Handling; Digital forensics; Artefact Analysis

AWSC

Advanced Windows Security Course Certified Security Professional

SOC Analyst

SOC Analyst Course Certificate of Completion

Microsoft Certified

Azure Security Engineer Associate

CompTIA CySA+

Cybersecurity Analyst+

CCFA

CrowdStrike Certified Falcon Administrator

CCFR

CrowdStrike Certified Falcon Responder

CCFH

CrowdStrike Certified Falcon Hunter

CVE

CVE-2022-24501 CVE-2021-41330 CVE-2021-34971 CVE-2021-27659 CVE-2021-27656

Our Team

Richard Kiskovac

CEO

Richard is a cyber security consultant with over 18 years of experience in the cyber security field in private and public sector covering industries such as telco, government, finance, banking, petroleum, manufacturing, utilities.

Lukas Hlavicka

CTO

Lukas Hlavicka, CISSP, GCFA, GXPN is currently serving as CTO of IstroSec. Previously he served as Director of DFIR department, Director of Governmental CSIRT and Court Expert.

Milan Kyselica

Head of Offensive Department

Milan works as Lead penetration tester in IstroSec. He focuses on red teaming, social engineering and application testing.

Henrich Slezak

Head of Advisory

Henrich is focused on GRC, information security management, security auditing, training and awareness and consultation on information security with more than 10 years of experience in governmental and private sector.

Peter Fischer

Head of Managed Defense

Peter works as head of Managed Defense department in IstroSec. He also focuses on forensic analysis, incident response, threat intelligence and DarkWeb intelligence.

Zuzana Vargova

Senior Forensic Analyst

Zuzana focuses on Windows digital forensic analysis. She has more than 6 years of experience in cyber security field, working in both governmental and commercial sector.

Matus Samel

Senior Managed Defense Engineer

Matus focuses on managed defense services and development of automation tools. He has a lot of experience with administration, deployment and work with different EDR security solutions.

Latest Posts

Virtual Network Computing

Introduction Virtual Network Computing also known as VNC, is defined as graphical desktop-sharing system. It is used for controlling another computer remotely, by transmitting the keyboard and mouse input from one computer to another, relaying on the graphical-screen updates, over a network.

Remote Desktop Protocol vulnerabilities exploitation

Introduction One of the most popular communication protocols for remotely controlling systems is the Remote Desktop Protocol (RDP).

How to use Netsh for troubleshooting network?

Introduction Netsh, in its full name Network Shell, is a command-line tool, for listing and configuring various network settings.

View All Posts

Contact Us

Černyševského 10, 851 01 Bratislava, Slovakia

+421 917 699 002

info@istrosec.com