Alzette Information Security

About Us

Alzette Information Security is a consulting and training company specialized in information security, providing exceptionally high quality, tailor-made services to customers through skills, experience, and enthusiasm. Our security consultants are experts in working with large and complex environments and have more than eight years of experience with extensive background in designing, implementing and auditing security solutions.

MISSION: Respond to client requests that nobody else can and show fresh alternatives to common information security challenges.

VISION: Take information security services to the next level, and shift from art to science.

Get in Touch

Our Team

Alzette Information Security is providing the highest quality information security services. Our security consultants are experts in working with large and complex environments and have more than 10 years of experience with extensive background in designing and implementing security solutions. Alzette Information Security consultants work closely with customer staff members throughout the entire project in order to address any issues and provide the finest, tailor-made solutions aligned to our client’s business needs. We are known for our precision and excellence; strict quality checks applied to every major milestone and project deliverable to ensure the best results. Our highly skilled consultants have the most up-to-date knowledge as they frequently attend security conferences, follow industry trends, participate in training and obtain certifications.


Eva Szilagyi

Managing Partner


Eva Szilagyi

Eva is Managing Partner of Alzette Information Security with more than ten years of professional experience in security source code review, penetration testing, vulnerability assessment, vulnerability management, digital forensics, IT auditing, telecommunication networks and security research. She has two Master’s degrees; one in Electrical Engineering and another one in Networks and Telecommunication.

She holds the following industry-recognized information security certifications: GIAC Security Essentials (GSEC), GIAC Certified Forensic Examiner (GCFE), Global Industrial Cyber Security Professional (GICSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Continuous Monitoring (GMON), GIAC Response and Industrial Defense (GRID), GIAC Defensible Security Architect Certification (GDSA), GIAC Secure Software Programmer-Java (GSSP-JAVA), GIAC Web Application Penetration Tester (GWAPT), GIAC Certified Detection Analyst (GCDA), GIAC Mobile Device Security Analyst (GMOB), GIAC Machine Learning Engineer (GMLE), Practical DevSecOps: Certified DevSecOps Professional (CDP), Certificate of Cloud Security Knowledge (CCSK), eLearnSecurity Web Application Penetration Tester (eWPT), eLearnSecurity Junior Penetration Tester (eJPT), eLearnSecurity Certified Incident Responder (eCIR), QualysGuard Certified Specialists (QGCS).

Eva has spoken at international conferences like BruCON, Hack.lu, Hacktivity, Nuit du Hack, BSides London, BSides Munich, BSides Stuttgart, BSidesLjubljana, BSides Prague, BSidesBUD, Pass the SALT, Blackhoodie, Black Alps, Security Session, and she was a member of the organizer team of the Security BSides Luxembourg conference.

David Szili

Managing Partner


David Szili

David is Managing Partner of Alzette Information Security with more than ten years of professional experience in penetration testing, red teaming, vulnerability assessment, vulnerability management, security monitoring, security architecture design, incident response, digital forensics and software development. He has two Master’s degrees; one in Computer Engineering and another one in Networks and Telecommunication and also has a Bachelor’s degree in Electrical Engineering.

He holds the following industry-recognized information security certifications: GIAC Security Expert (GSE), GIAC Security Professional (GSP),GIAC Experienced CyberSecurity Specialist (GX-CS), GIAC Experienced Intrusion Analyst (GX-IA), GIAC Experienced Incident Handler (GX-IH), GIAC Experienced Forensics Examiner (GX-FE), GIAC Security Essentials Certification (GSEC), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Enterprise Defender (GCED), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), GIAC Cloud Forensics Responder (GCFR), GIAC Continuous Monitoring (GMON), GIAC Law of Data Security and Investigations (GLEG), GIAC Cloud Threat Detection (GCTD), GIAC Certified Detection Analyst (GCDA), GIAC Penetration Tester Certification (GPEN), GIAC Network Forensic Analyst (GNFA), GIAC Python Coder (GPYC), GIAC Mobile Device Security Analyst (GMOB), GIAC Machine Learning Engineer (GMLE), GIAC Assessing and Auditing Wireless Networks (GAWN), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), Altered Security Certified Red Team Professional (CRTP), Altered Security Certified Red Team Expert (CRTE), Altered Security Certified Enterprise Security Professional - AD CS (CESP - ADCS), Altered Security Certified Azure Red Team Professional (CARTP), Altered Security Certified Azure Web Application Security Professional (CAWASP), Pentester Academy WiFi Security Professional (PAWSP), CloudBreach Offensive Azure Security Professional (OASP), CloudBreach Offensive AWS Security Professional (OAWSP), Certificate of Cloud Security Knowledge (CCSK), eLearnSecurity Certified Professional Penetration Tester (eCPPT Gold), eLearnSecurity Mobile Application Penetration Tester (eMAPT), eLearnSecurity Network Defense Professional (eNDP), Security Blue Team Blue Team Level 1 (BTL1), Security Blue Team Blue Team Level 2 (BTL2), SecurityTube iOS Security Expert (SISE), EC-Council Certified Ethical Hacker (CEH), Sophos Certified Architect (UTM), Sophos Certified Engineer (UTM, Web Protection), Palo Alto Networks: Accredited Configuration Engineer (ACE), QualysGuard Certified Specialists (QGCS).

David is a certified instructor at SANS Institute, teaching FOR572: Advanced Network Forensics, FOR509: Enterprise Cloud Forensics and Incident Response, and he is the lead author of SANS DFIR NetWars. He has presented at conferences like BruCON, Hack.lu, Hacktivity, x33fcon, Nuit du Hack, BSides London, BSides Munich, BSides Stuttgart, BSidesLjubljana, BSides Prague, BSidesBUD, BSides Luxembourg, Pass the SALT, Black Alps, Security Session, Future Soldier, SANS @Night Talks, Meetups, and he was a member of the organizer team of the Security BSides Luxembourg conference.

Services

Alzette Information Security offers the following consulting services:


Security Monitoring and Threat Hunting

Deployment, fine-tuning and management of open source and commercial Network or Host-based Intrusion Detection/Prevention System (NIDS/NIPS or HIDS/HIPS), Network Security Monitoring (NSM) and Security Information and Event Management (SIEM) solutions. Threat hunting exercises to proactively identify signs of compromise.

Digital Forensic and Incident Response

Digital Forensic (DF) and Incident response (IR) activities, analysis of artifacts, disks, memory images and mobile devices using methodologies, procedures, techniques and industry-accepted hardware and software solutions that preserve the chain of custody and admissible in a court of law.

Malware Analysis and Threat Intelligence

Dynamic and static analysis of malicious software and cross-checking results with threat intelligence sources like CIRCL's Malware Information Sharing Platform (MISP).


Security Architecture and Design

Architecture design, review and audit for defensible networks, cloud solutions, endpoints and applications using tried and tested security models, methods, components and concepts.

Training

Training for professionals; network security, endpoint security, network security monitoring, log analysis and monitoring, penetration testing, secure coding. User awareness programs for employees, professionals, developers, and executives.

Source Code Review and Secure Development

Security source code review services for languages including but not limited to Java, JSP, ColdFusion, JavaScript, TypeScript, PHP, .NET, C/C++, Python. Design and implementation of Secure Development Life Cycle and Secure DevOps.


Vulnerability Assessment and Management

Vulnerability assessment services using automated scanners configured for the target environment, where results are manually evaluated by experts to remove false-positives. Continuous assessment and remediation of vulnerabilities through our vulnerability management services.

Penetration Testing and Red Teaming

External and internal network penetration testing, wireless penetration testing based on the Penetration Testing Execution Standard (PTES) and the Open Source Security Testing Methodology Manual (OSSTMM) methodologies. Red team engagements that include social engineering, physical penetration and advanced techniques like USB HID attacks.

Application Security Testing

Web, mobile and thick/binary application penetration testing based on methodologies such as the Open Web Application Security Project (OWASP) Testing Guide.

Contact

Contact us and we will get back to you within 24 hours.

Tizeshonvéd utca 19., H-3525 Miskolc, Hungary

+36-30-989-7287

[email protected]