DEFENSE & SECURITY

SECURITY CONSULTING

Embraer operates in cybersecurity through its subsidiary Tempest Security Intelligence, the largest specialized company and a leading company in Latin America, with more than 20 years of experience.

As a reference in the digital security and fraud prevention market, Tempest combines state-of-the-art technology with the expertise of the largest technical team in Latin America to deliver solutions in Strategic Consulting, Managed Security Services, Software Integration and Digital Identity.

Visit Tempest website

ASSESSMENT PROJECTS, TESTING AND RESILIENCE DIAGNOSTICS, AND CYBERSECURITY

Application Security

  • Secure Development Workshop

The goal is to showcase the most common security or vulnerability issues found in web and mobile applications. We take a hands-on approach to how these problems can be identified, explored, and, especially, prevented and mitigated.

  • Software Architecture Review

By carefully assessing the documentation, settings, and architecture, our specialists can identify security risks in software and determine potential failure points that expose your company to likely vulnerabilities. This analysis generates a document with practical recommendations to prevent a number of different threats.

Attack & Penetration Testing

APT / Ballistic

We keep threats adaptable to changes while maintaining the highest possible uptime! This solution simulates attacks that combine sophisticated malicious code with technological and human resources against business environments, reporting the details of each test along with mechanisms to enhance the company’s security.

Threat Modelling

We can help you identify any threats and vulnerabilities against your systems! Our solution is applied in a process or system to identify input and output points, information streams, as well as components and assets used by your software.

PENTEST

This activity simulates actions by ill-intentioned attackers so that we can apply our knowledge of offensive techniques. Our tests are conducted primarily as a form of action.

Red Team

Your company should be well prepared to defend itself against specific opponents, including attackers, spies, or terrorists! We use methods that emulate these groups and conduct simulations that combine social engineering, physical security breaches, and a range of other attacks. This allows us to offer a clear view of what areas need improvement.

Vulnerability Cleaning

This solution involves extracting technical information about equipment and system conditions and comparing them to a large catalog of vulnerabilities. We assess systems and other assets to offer your company evidence of each detected vulnerability, along with ways to address them.

War Games

Simulates real attack scenarios to assess an organization’s resilience and its layers of defense, from identifying, treating, and recovering from a hostile cyberattack, to providing your organization and management a complete view of the status of your defense mechanisms.

Incident Response

Digital Forensics

We work to obtain as much evidence as possible while respecting digital forensics methodologies that can help our customers get enough resources to conduct either their own investigations or those by authorities.

Incident Response

Having someone you can trust during a worst-case scenario is as important as working towards building a robust environment. We offer strategic knowledge to contain attacks and return your environments to normal conditions. We also help our customers identify the source of an attack and plan ahead so as to prevent similar incidents from reoccurring.

Cloud Security

  • Cloud Security Consulting

Helps you model cloud environments, especially during creation and migration, putting the industry’s best security practices into perspective.

  • SECURE IaC REVIEW

Acts as a security review of AWS CloudFormation and Terraform setting (IaC) to find security breaches in coded structure.

  • Cloud Security Review

Analyzes the current cloud environment to find security improvements in architecture and service settings.

  • Cloud Security Workshop

Provides training targeting technical-managerial audiences to improve information security maturity across a department’s employees.

  • Shadow It Assessment

Performs an analysis to identify consumption by cloud-based services that have not been homologated by your organization.