YOU HAVE A DEVELOPMENT PROJECT ?
WE HAVE THE SOLUTIONS
HEXATRUST Solutions answers the needs of end users, ensuring the intelligibility of our members’ offers portfolio.
Second structuring element within the HEXATRUST offer, after the creation of a comprehensive guide updated each year, the HEXATRUST SOLUTIONS give you a full panorama of the complementarity of the innovative products and services of our members. The HEXATRUST alliance is committed to gather within its portfolio trusted solutions adapted to every kind of organization, especially regarding operators of essential services that have to take appropriate security measures under the guidelines of the NIS Directive.
With an international presence (30% export turnover), HEXATRUST members demonstrate their ability to ensure the deployment of functional easy to use products, everywhere in the world. Those solutions are perfectly fitted for major and small organizations, private or public.
For more information, feel free to contact us at contact@hexatrust.com.
HEXATRUST SOLUTIONS
THE CLASSICS
ENCRYPTION & PRIVACY
With the sophistication and intensification of cyber-attacks, companies have developed needs for encryption on all platforms and all communications means between those platforms. The necessity to ensure a complete management of privacy is met through the development of an end-to-end chain of trust. HEXATRUST offers cover all needs in encryption and protect all type of terminal, VMs, data flows, execution, storage and vocal communications. This level of data privacy can also be reinforced by a physical key.
GOVERNANCE, TRACEABILITY & AUDIT
The extent of the HEXATRUST offer provides a global approach on governance, traceability and audit challenges by allowing rights control and analysis, exceptions and curative actions management, privileged users management as well as their traceability and their access rights supervision, contracts management, applications security management (access, permissions, roles), segregations of duties, industrial networks governance.
IDENTITY AND ACCESS MANAGEMENT
Identity and access management is a crucial component of corporate and industrial information systems security. HEXATRUST members tackles this issue by providing 4 main solutions: habilitation and identity management, strong authentication and access control, single sign-on and identity federation as well as privileged accounts management. While positioning themselves on the protection against conventional and modern threats, HEXATRUST members also offer a unified and comprehensive approach, allowing them to provide a global coverage and to keep a close contact with end users.
INDUSTRIAL SYSTEMS SECURITY
The digitalization of the industry comes with a multiplication of vulnerability factors and an increase in attacks frequency. Therefore, it is necessary to ensure a global supervision of modules and the interactions between them to detect anomalous behavior. The supervision must be tailored to the plurality of modules (models, life span…), their interactions (protocols…) and the constrains of the business of these companies. Compartmentalization is also un major element in order to avoid contagion between the various modules of the SCADA network and to reduce the attack surface. The control and traceability of operating staff and external contractors working within the SCADA network are also decisive in order to prevent malicious and accidental insider threat.
MESSAGING SECURITY
To ensure messaging security, HEXATRUST members provide a global approach based on behavior and contextual analysis of vulnerabilities and threats that might affect messaging systems. The provided solutions protect companies from identity theft, interception and duplication of flows as well as malicious contents in outbound or inbound flows. The solutions also manage privileged accounts, mailing lists and abusive use of mailboxes. They analyze in a comprehensive manner inbound and outbound mail flows in order to detect in real time or retrospectively malwares, phishing, spam, graymails, data theft, client terminals attacks.
MOBILE AND WEB COMMUNICATIONS SECURITY
In addition to providing access points protection and to formally attentively users, it is necessary to filter flows and analyze their content, whether those flows are inbound (malware or malicious access) or outbound (critical data leaks, access to illegal or unauthorized contents). This approach allows organizations to comply with their internal policies and current regulations. HEXATRUST solutions allow for encryption of web (VPN…) and mobile flows (voice and text messages) as well as control the behavior of mobile app which might manipulate data without the user’s knowledge or consent, especially when close to half the planet population now own a mobile internet subscription.
TRANSACTIONS SECURITY
The HEXATRUST approach ensure a complete security covering the whole online transaction cycle without slowing it. In addition to basic solutions such as identity management and strong authentication, contract compliance, electronic signature, PKI and payment, HEXATRUST also provides differentiating functions such as end-points protection (security of their applications and of the interaction between them), web applications and XML stream security, application and websites reputation check as well as fraud detection.
EMBEDDED SYSTEMS & IOT
Experts in their sector, HEXATRUST members provide a constant effort to adapt their solutions to users needs while balancing key approaches such as of “security by design” and active network monitoring. In order to securely deploy IoT systems, companies must adopt end-to-end security strategies where HEXATRUST members provide a full coverage : security by design of embedded systems (OS), secure boot, firmware and software lifecycle management, strong authentication and identity management, as well as encryption of transiting data flows, networks and communications but also firewall, filtering, traceability and network supervision.
NEW RELEASES
2019
CYBERSECURITY ADMINISTRATION & SUPERVISION
Security administration and supervision tools enable the detection and the management of vulnerabilities, the administration of complex parks of security equipment and software (installation, configuration, update, deletion), to equip security supervision with log correlation (Security Information and Event Management: SIEM) and log management software. These tools also provide in-depth protection for critical information systems, especially with multisource data collection and monitoring (threat intelligence) in order to anticipate new threats and detect data leaks and malicious activities. For their part, external SOC services providers allows for collaboration with the client organization in order to implement state of the art practices in supervision, remediation, crisis management and information of third parties.
CONSULTING & TRAINING
Cyber Security consulting provides a leading-edge expertise to better grasp the security of information system and to ensure that the organization is maintained in a state of operational security. HEXATRUST specialists hold the relevant qualifications and are able to provide high-level prestation in governance, prevention, detection, remediation and threat intelligence. Furthermore, training and awareness are tailored for all personnel: general management, technicians, employee… From awareness to basic IT hygiene practices and until advanced formation (Senior staff formation, cyber incident management, crisis management, simulation training…), each department within the organization must be regularly trained to foster an efficient cyber security.
ECOSYSTEM
Within HEXATRUST, a whole ecosystem relevant actors is involved in building a dynamic French and European digital trust and cyber security: users, clients, trust professionals (lawyers, notaries, bailiffs…), IT and innovation experts engaged in information systems security, audit providers specialized in the compliance with the General Regulations of Security (RGS) and the Military Planning Law (LPM), digital trust services providers (electronic certification, electronic timestamping, electronic registered letter with acknowledgement of receipt…), providers specialized in security incident detection (PDIS) and response (PRIS) as well as security products evaluation centers. All these actors contribute to lay the ground for the future by relying on the innovative strength of HEXATRUST members.
TRUSTED CLOUD SERVICES PROVIDER
Trusted cloud hosting and services providers are building the foundations of digital revolution. HEXATRUST members promote innovative approaches that increase trust and security, especially regarding the respect of French and European regulations: General Regulations of Security (RGS) and the Military Planning Law (LPM), GDPR, NIS directive, eIDAS… These approaches are: contractualization and providers/subcontractors commitment, structure and organization in compliance with state-of-the-art Information Systems Security Policy (ISSP), rigorous personnel management, internal audit, consistent risk evaluation, client awareness on hosting and data localization, incident reporting, reversibility of all preproduction data, processing, back-up…
DATA PROTECTION & TRUSTED CLOUD
HEXATRUST SaaS application editors are committed, on one hand, to develop trusted and secure application and comply with the standards of privacy by design and security by design and, on the other hand, operate these applications in trusted Clouds : PaaS platforms, IaaS infrastructure, DaaS data bases that comply with state-of-the-art of trusted cloud services provision. These companies answer various needs: collaborative solutions, digital work stations, data backup, data recovery plans, BtoB and BtoC applications that handled various type of data such as personal or critical data, but always with the consistent approach of ensuring the protection and the security of the data.
SOLUTIONS
• SÉCURISATION DES SYSTÈMES INDUSTRIELS
• PRÉVENTION CONTRE LA FUITE DE DONNÉES
• GOUVERNANCE, TRAÇABILITÉ & AUDIT
• CHIFFREMENT & CONFIDENTIALITÉ
• GESTION DES IDENTITÉS ET DES ACCÈS
• SÉCURISATION DES TRANSACTIONS
• PROTECTION DES FLUX MOBILES ET WEB
• PROTECTION DE LA MESSAGERIE
• SÉCURISATION DES OBJETS CONNECTÉS