Main fields of activity

Aletheia is organized into two departments that make use of internal resources, external consultants and stable partnerships with market leaders who have been selected for the quality and/or specificity of their products.

Compliance to European and Swiss regulations is supported by a technical component and more strictly legal expertise. The compliance activity includes RED Shield, which concerns the processing of personal data, and RED Shield Web rather oriented to verify compliance with regulations in the management of the website.

Data security department makes use of advanced artificial intelligence systems and structured consulting services provided with the use of highly qualified technicians all ISO certified.

The cyber defence is based on an innovative method based on behavioural analysis developed by Darktrace, activating a defence method similar to the one adopted by our immune system towards a viral attack. Legacy systems such as firewalls, endpoint security methods and other tools such as SIEMs and sandboxes are becoming insufficient to counter the speed and sophistication of attacks.

The Security Audit combines Penetration Test and Risk Assessment activities in a single service. The result of this synergy is an extremely detailed analysis, aimed at assessing precisely (and also quantitatively) the security posture of the IT infrastructure.

Business Continuity Management is the process related to an organization's ability to maintain critical operations after the occurrence of accidents or natural disasters. This process is structured as follows

  • Identification of potential threats to business continuity;
  • Defining appropriate responses to the disruption of business-critical operations;
  • Reduction of risks associated with business continuity and mitigation of their impact.

PCI DSS Compliance (Payment Card Industry - Data Security Standard), an international regulation created by the main payment brands in order to reduce the security risks faced by merchants, service providers, and final customers in the credit card sector. (This service is guaranteed by the partnership with Mediaservice, a product, technology and vendor independent company, accredited and enabled directly by PCI SSC, for the evaluation and validation of PCI DSS compliant environments.)

Web Monitoring is based on Artificial Intelligence applications integrated by automatic procedures and human intervention, some services are integrated in Web Shield and can be rendered to the customer in the form of a report or available on our platform. These services are possible thanks to the partnership with Immuniweb and are integrated with investigations carried out by our technicians, including sophisticated monitoring services:

  • Continuous detection, testing and classification of digital and IT resources, with proactive monitoring of company quotes in Dark Web and Code Repositories.
  • Mobile Penetration Test with Zero False-Positive SLA and Tailored remediation guidelines and 24/7 support
  • Continuous monitoring of applications with scalable, rapid, DevSecOps-enabled tests, continuous penetration testing, zero false positive SLAs and tailored remediation guidelines.