Phone02-22699305

CYBER SECURITY SERVICES

CyShield is a cyber security services company, established in 2016 and headquartered in Egypt.
With a supreme talented team and a constant desire for innovation, we offer distinctive quality of services with the customer in the core of everything we deliver.

About Us

MISSION

Our talented team offers a wide range of services to ensure that the customer's cyber security shield is aligned with the latest information security standards.

VISION

To be a leader in the cyber security industry, providing a wide range of services and solutions with exceptional performance backed up by a powerful research and development center.

WHY US ?

We provide a wide range of professional services including cyber security consultancy, vulnerability assessments, penetration testing and cross-platform malware analysis.

Our Services

VULNERABILITY ASSESSMENT

This first step is very essential in the roadmap of securing your environment. It will unravel the security flaws and vulnerabilities across your network, applications, devices and people. Our team uses the latest testing standards and methodologies like OSSTMM & OWASP testing guide.

PENETRATION TESTING

Our pentesting services take the vulnerability assessment a step further simulating real-world attack scenarios, assuring whether the threats exposed are exploitable and to what extent. Our experts chain the exploits and bypass security systems to display how the vulnerabilities turn to successful compromises.

APPLICATION SECURITY ASSESSMENT

Our security experts come from a solid background in software development and participated in the creation of a variety of projects. Having worked on both sides, the offensive and defensive, they can help customers understand how to practically apply the Security Development Lifecycle framework.

WE'RE HIRING!

  You will be responsible for delivering a variety of technology services to our customer base. The service needs will vary by client but will include every aspect of our product offerings lifecycle, including deployment & configuration, knowledge transfer, upgrades & maintenance and retirement.   

Responsibilities:

  • Manage and maintain multi-vendor, multi-protocol networks.
  • Develop and maintain consistency within the networking infrastructure.
  • Deploy both simple and complex solutions and integrate them into an already existing production environment.
  • Document all aspects of the service engagement including technical notes, time spent on projects and the status of the project.
  • Participate in all implementation designs, setups, and review processes to ensure success.
  • Collaborate with client teams in resolving technical/system related inquiries.

Job Requirements:

  • In-depth experience with routing and switching.
  • Experience developing and understanding network device configuration for at least one vendor (Juniper, Cisco, Arista, Brocade, etc.)
  • Experience implementing a SIEM or log management system is highly desired.
  • Experience scripting with perl, python, ruby, awk and shell strongly preferred.


Interested? Please send your CV!

  Perform manual and automated penetration tests on web applications and web services.   

Responsibilities:

  • Perform penetration testing both whitebox/blackbox.
  • Being up to date with the latest vulnerabilities and weaknesses.
  • Write reports of penetration test findings.
  • Write scripts for proof-of-concept of found vulnerabilities.

Job Requirements:

  • Good communication skills.
  • Good technical writing skills.
  • Deep understanding of web application programming languages and vulnerabilities.
  • Familiarity with OWASP Top 10, and Sans top 25 vulnerabilities.
  • Experience in SQL.
  • Ability to work under pressure to deliver reports before deadline.
  • Experience with tools like Burp Suite/NMAP/Scanners (OpenVas/Nessus/Acunetix/etc)
  • Knowing how to fix said vulnerabilities and help developers do so.
  • Experience with JavaScript, PHP and ASP.NET.
  • Good leadership skills.
  • English Language Proficiency.
  • Familiarity with the SDLC process.
  • Deep understanding of web servers and linux/windows ecosystem.
  • Be able to produce risk assessment result of found vulnerabilities.
  • Experience playing CTF competitions.
  • Experience writing or contributing to open-source tools
  • Experience writing blog posts about security.
  • Found bugs with public CVEs.
  • Application security certifications like: OSCP/OSWE/GWAPT/GPEN.


Interested? Please send your CV!

  A talented out-of-the box pentester who strives for the extra mile in each engagement is required to plan, infiltrate and document their work.   

Responsibilities:

  • Perform vulnerability assessments and responsible Internal/External penetration testing.
  • Write informative, well presented reports and presentations explaining the findings and their mitigation.

Job Requirements:

  • Python Experience is a must, C++ essential knowledge is prefered
  • A relentless passion for penetration testing and passion in developing automated vulnerability scans
  • Well understanding of network concepts, protocols and OSI Stack
  • Knowledge in testing methods and standards such as OWASP,NIST and OSSTMM
  • Experience in multi client server applications and P2P networks.
  • Understanding of recent network concepts like TOR.
  • Experience in Linux OS is a must.
  • Experience in using Metasploit Framework and ability to modify exploits to target vulnerable remote devices.
  • Ability to design undetected and stable reverse shells and deploy them on remote servers.
  • Understanding how to pivot connections in windows and linux environment.
  • Understanding core windows and linux remote administration protocols and methods.
  • Understanding how to leverage vulnerabilities to obtain SYSTEM/root privileges.
  • Basic understanding of abusing different application and server features like SQL Server & MYSQL stored procedures
  • Updated information regarding latest found vulnerabilities
  • Fluency in English spoken and written
  • Well respect for time and responsibilities
  • Good understanding of Network security appliances and how to subvert them
  • Basic reverse engineering knowledge is a plus.
  • Good understanding of OSI and how to gather information about a target
  • Knowledge about usage of embedded devices to aid and automate in pentesting


Interested? Please send your CV!

  A senior developer whose mindset accepts nothing but a perfect optimized design and implementation of innovative applications in the security domain, always keen on learning more, sharing thoughts and ideas.   

Responsibilities:

  • Designing, executing, assessing, and troubleshooting applications
  • Configuring, analyzing, designing, developing, unit testing and documenting software specifications throughout the project life cycle
  • This responsibility will extend to contributing in the estimates of the project, the quality, and timeliness of the deliverables and the project’s compliance to the organizational processes and standards
  • Development of security related tools
  • Performing .NET secure code audits

Job Requirements:

  • A Computer Science / Engineering graduate
  • A ruthless commitment to testing the code you’ve written
  • Expertise in the SDLC theoretically and practically
  • Excellent knowledge of Relational Databases, NoSQL and ORM.
  • Experience with C++, Python and C#.
  • Expertise with RESTful services and API consumption.
  • Expertise in Reflection
  • Fair knowledge in .NET Reverse Engineering, Obfuscation Techniques
  • Experience in designing fast distributed Socket based applications
  • Basic knowledge of GIT
  • Fair knowledge of Linux OS
  • Windows Desktop/Domain Environment knowledge is prefered


Interested? Please send your CV!

  Back-End Software Engineer will serve as part of a development team supporting both established projects and creating from the ground up. The ideal candidate is an experienced team player that is passionate about technology and committed to self learning, possessing the ability to apply their technical knowledge, skills, and experience to solve complex/real-world problems.   

Responsibilities:

  • Identify performance bottlenecks, challenge opinions and propose solutions
  • Writes codes that meets standards and delivers desired functionality using the selected technology
  • Understand performance parameters and assess application performance
  • Working with the team to continuously improve processes across all areas of the software project
  • Apply principles of SDLC and methodologies like Lean/Agile/XP, CI, Software and Product Security, Scalability, Documentation Practices, refactoring and Testing Techniques

Job Requirements:

  • Bachelor’s Degree in Computer Science, engineering or equivalent
  • A strong foundation in computer science, algorithms, data structures , OOP and design patterns
  • Hands-on Experience in PHP5+ , Node.JS .
  • Experience in designing RESTful APIs and consuming external APIs as well.
  • Experience with relational and NoSQL Databases .
  • Hands-on git experience.
  • Familiarity with CI/CD philosophy, processes, and tools.
  • You have comprehensive understanding of the full Software Development Life Cycle.
  • Have a solid understanding of the underlying infrastructure needed to run a large software.
  • Has the ability to break down problems and estimate time for development tasks.
  • Has the ability to take ownership of small tasks and deliver without supervision while using their discretion to seek help when necessary.


Interested? Please send your CV!

  We are looking for a Windows system administrator with a broad set of technical skills to help our engineers and customers with their day-to-day tasks.   

Responsibilities:

  • Install and maintain Windows servers and desktops.
  • Install and configure DNS/DHCP/File/Print/WSUS services.
  • Install and configure active directory and group policies.
  • Provide Tier 3 support to our clients if needed.
  • Manage Backup and Antimalware solutions.
  • Monitor the infrastructure for any intrusion attempts or existing security threats and infections.
  • Troubleshoot any problem related to Windows services or network issues.
  • Recover servers and desktops from any software or hardware failures.

Job Requirements:

  • Experience managing Windows XP/7/10 and Windows server 2003/2008/2012/2016.
  • Scripting using any of the following PowerShell/Batch/Bash/Python.
  • Experience managing Microsoft Exchange Server and office 365.
  • Good technical writing skills.
  • Strong organizational skills.
  • Experience working with visualized Windows servers (Hyper-V, VMWare).
  • Basic knowledge of Linux and linux commands is a plus.
  • Basic knowledge of managing Routers/Switches/Firewalls is a plus.
  • Experience working with cloud infrastructure (AWS/Azure/etc) is a plus.
  • Security knowledge is a big plus.


Interested? Please send your CV!

  You are expected to perform high-end security evaluations and research for mobile devices. You will have to maintain an outstanding level of expertise regarding threats and vulnerabilities in mobile security.  

Responsibilities:

  • Perform research on new attack vectors, discover new vulnerabilities.
  • Evaluation and assessment of various mobile applications against mobile security standards and best-practices.
  • Maintaining proficiency in the use and application of security technologies.
  • Develop unique tools to streamline mobile systems reverse engineering.

Job Requirements:

  • Vulnerability assessment and penetration testing experience.
  • Hands-on experience with reverse engineering of java bytecode.
  • Hands-on experience with application development for iOS and Android devices.
  • Demonstrated practical knowledge of Android and iOS system architectures.
  • An understanding of the life-cycle of a typical cyber-attack.
  • Good Unix/Linux skills and some knowledge of SELinux.
  • Experience developing IOS/Android native and non-native applications.


Interested? Please send your CV!

  Responsible for developing applications for Android platform and participating in the entire application lifecycle.  

Responsibilities:

  • Being involved in all stages of application development including design, modifications, development, and implementation of Android applications to ensure the application quality and efficiency.
  • Keeping up to date with the latest industry trends in mobile technologies to enhance the application functionality.
  • Working with software developers to realize, build, and test the applications and to implement server APIs (Application Programming Interface) and services to support planned mobile functionality.
  • Ensure the best possible performance, quality, and responsiveness of the application.
  • Identify and correct bottlenecks and fix bugs.
  • Help maintain code quality and organization.

Job Requirements:

  • Strong knowledge of Android SDK, different versions of Android.
  • Familiarity with RESTful APIs to connect Android applications to back-end services.
  • Experience with offline storage, threading, and performance tuning.
  • Familiarity with the use of additional sensors, such as gyroscopes and accelerometers.
  • Knowledge of the open-source Android ecosystem and the libraries available for common tasks.
  • Ability to understand business requirements and translate them into technical requirements.
  • Familiarity with cloud message APIs and push notifications.
  • A knack for benchmarking and optimization.
  • Proficient understanding of code versioning tools, such as Git.
  • Familiarity with continuous integration.


Interested? Please send your CV!

  The senior front-end engineer will be responsible for designing, implementing and maintaining the client side of our applications.  

Responsibilities:

  • Drive and own the implementation of highly interactive, responsive and reusable user interfaces.
  • Design, develop code, validate data and integrate with API's.
  • Optimize our user interfaces for maximum speed and scalability.
  • Collaborate with other team members and stakeholders in reviewing UI/UX designs and their technical feasibility.
  • Monitor our applications' performance, watch for traffic drops related to site usability problems and rectify the issues.

Job Requirements:

  • Strong knowledge of Responsive Web Design, HTML5, CSS3 and Bootstrap.
  • Strong experience of JavaScript coding and understanding of emerging web technologies such as AngularJS, React, Vue, ... etc.
  • Understanding of asynchronous, non-blocking User Interfaces.
  • Experience with RESTful services and API consumption.
  • Experience with front end package managers like Yarn.
  • Good understanding of server-side CSS pre-processing platforms, such as LESS and SASS.
  • Knowledge in bundlers like Webpack, build and task runners like Grunt/Gulp.
  • Familiarity with JavaScript module loaders, such as Require.js and AMD is a plus.
  • Good understanding of SEO principles and ensuring that application will adhere to them.
  • Experience with Agile software development, project management methodologies.
  • Strong understanding of Git.
  • Basic knowledge of image authoring tools, to be able to crop, resize, or perform small adjustments on an image. Familiarity with tools such as as Gimp or Photoshop is a plus.


Interested? Please send your CV!

Responsibilities:

  • Deploying, automating, maintaining and managing cloud based production system, to ensure the availability, performance, scalability and security.
  • Provide inputs for design documentations.
  • Build and review the solution's backend/frontend.
  • Automate, validate and review the processes of the Client and Technology and suggest innovative ways to improve automation.
  • Update the knowledge base/ ensure document management.
  • Providing direct server support during various operations such as deployment and general production.
  • Create and maintain root cause analysis of technical issues.

Job Requirements:

  • Experience in writing scripts for automated testing
  • Experience in writing extension scripts of applications
  • Experience in automated migrations, databases and integration between different systems
  • Experience with scripting languages like Python and Bash
  • Experience with Docker.
  • Experience with configuration management and automation tools like Ansible, Chef or Puppet.
  • Experience deploying, configuring and maintaining several databases like MySQL,SQLServer, DB2
  • Experience with versioning tools like Gitlab
  • To have security background in hardening the security of systems and using SELinux or AppArmor.


Interested? Please send your CV!

Security advisories

BlueKeep (CVE-2019-0708) Advisory


Introduction:

  • There is a remotely exploitable vulnerability in Remode Desktop Service (RDP/RDS) that allows an unauthenticated attacker to send a specially crafted request to get code execution on vulnerable targets.
  • Microsoft issued a patch for this critical vulnerability and it should be applied swiftly.

Vendor Comment:

  • “The vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017”

Technical details:

  • The BlueKeep vulnerability requires no user-interaction, and attackers can exploit it without valid credentials. Simply having a server with open RDP port (Default: 3389) means it can get hacked.
  • Since it’s a vulnerability affecting a windows service, the executed exploit will run as SERVICE/SYSTEM privilege.

Affected operating systems:

  • Windows 7 32/64-based Systems
  • Windows Server 2008 Itanium/32/64-based Systems
  • Windows Server 2008 R2 Itanium/32/64-based Systems

Workaround:

  • Block all traffic to remote desktop port (Default: 3389).

Patches:

Resources:

Training and Cyber Security Excellence Center

Delivered by expert professionals with immersive experience in the field, we focus on a concise practical approach to deliver the information.Whether delivered as workshops or courses we make sure the content is wealthy with information and entertaining.
Some of our training topics include:

Writing Secure Code

Network Packet Analysis

Mobile Apps Reverse Engineering

Contact Us

Do you have any enquiries?

Please feel free to contact us.

02-22699305

info@cyshield.com

22 A, Ebad El Rahman, Sheraton, Cairo, Egypt.