Ethical Hacking: Corporate cybersecurity and risk management


Leading company in the supply of tubes and services related to the worldwide energy industry. Among its clients, we can find the main international oil companies, as well as engineering companies engaged in the construction of extraction, transportation and processing of oil and gas. The company has 4 Research and Development centers, over 2,500 clients and 23,000 employees.


The client wanted to optimize the information protection measures and improve its analysis and safekeeping. To do so, it needed a group of consultors able to solve operating issues related to the applications’ security, DLP solutions and vulnerabilities analysis. Another of its requirements was to draft documentation for Government, Risk and Compliance areas.


Baufest put together a team to work with the client’s applications security, risks and solutions areas of Ethical Hacking. Firstly, we performed the analysis of vulnerabilities and risks, and then, we updated and extended the Data Loss Prevention Policy (DLP) for the whole of Latin America, Europe and the Middle East. Furthermore, we implemented an Ethical Phishing policy to work on raising awareness among the users, and a CASB solution to strengthen the Shadow IT.


  • Greater visibility of risks and more information for decision-making processes.
  • Greater awareness for industrial and corporate cybersecurity areas.
  • Increased control over user’s access to applications.
  • Confidential information permits databases
  • Automation and optimization of the processes in the Government, Risk and Compliance areas.
  • Know-how related to the execution of ethical phishing practices.