
Satellite pentest management
May 2022 - November 2023
Thales TSIX, 3 days of 5
- Achievement
- Pentest management
- Pentest reviews
- Pentest of a complete system
- Creation of automated configuration audit scripts for penetration testing on Windows and Linux systems of a set of machines on a Vsphere virtualized infrastructure. Automated deployment, data recovery and removal of penetration test files on the entire virtualized system.
- Advanced network configuration based on architecture and addressing schemes
- Writing of the vulnerability closure report of the previous penetration tests on the Galileo system
- Vulnerability analysis, impact evaluation on the system
- Travel to ESTEC (European Space Research and Technology Center, Netherlands) twice a month for 3 days for consultation and study of documents from the European Space Agency
- Study of the cybersecurity impacts of the divergence of requirements between "As-built" and "As-designed" industrial systems. Decision making on the adoption or not of the deviation according to the criticality of the impact of the vulnerability created, in correlation with the global criticality of the system where the deviation is located.