Security Leaders 2018

The objective of the Security Leaders Congress is to bring together C-Leves, specialists and executives from the main public and private institutions in the country for an extremely deep National Debate on the current cybersecurity challenges.

This year, also with highlights of successful cases, stories that worked in the fight against cybercrime!

And Nalbatech and bugScout will be present at the event, we will be at the TECHNOLOGY FAIR, a space where we will have the presence of the main providers of Information Security solutions.

Innovative technologies, trends and market news you can find here, come and visit us.

And our participation includes a lecture by our CEO, Francisco Bernabeu with the theme: “Global Application Security as a Managed Service”, which will be held on the 30th at 9:30 am.

come visit us:

Learn more about Nalbatech and the bugScout:

PAGE commoditi

ShareSAN Mobile – Mobility arrived in Business Maintenance


To better take advantage of technology, managed services

In an Ping-Pong interview for IT Portal, our CEO Francisco Bernabeu, spoke about managed services.

With 35 years in the technology market, Francisco Bernabeu leads NalbaTech, a company that was born 5 years ago to offer technological solutions with high added value. The company’s focus is on offering managed services, which, in the executive’s evaluation, facilitates the implementation, execution, support and updating of versions, freeing the teams of the user companies for their final activities.

“All technologies, as long as they are in creative business models, such as managed services, are much more likely to succeed,” he says. “Today, companies have lean teams and little capacity to manage a multitude of services and technologies. Our idea is to be the support point for organizations to overcome this challenge ”.

The company recently acquired the bugScout platform, created by the Spanish company Buguroo Offensive Security, of which it has been a partner for more than 4 years to offer, implement and support the security risk detection solution throughout the life cycle of software applications. With this deal, the company strengthened its offer of managed services, a portfolio that includes other products: Innoware (which allows execution and integration of processes in SAP), Zadara Storage (data storage) and Tibero (database manager) . All solutions provided as a service and managed.

The company’s expectation is to earn R $ 20 million in the next 3 years. To this end, it is investing EUR 1.5 million in improving services and training technical and sales teams.

IT Portal – You touched on a key issue for our Ping Pong: staff training. What is your assessment of Brazil in this area?

Francisco Bernabeu – Companies are looking for ready professionals. This does not actually work. Regardless of the training of professionals, you need to adapt and train according to the company’s profile. There are no ready professionals, regardless of the person’s country of origin or the country where he graduated.

IT Portal – How does NalbaTech promote the training of its teams?

Francisco Bernabeu – Our employees constantly perform their tasks internally, for example, before installing a bugscout appliance, our technicians are guided to test at home, that is, here at Nalbatech. This causes errors to be minimized at the end customer. Another important point is to bring software engineers from the manufacturer itself to Brazil, to work together with our employees and thus absorb their knowledge.

IT Portal – The IT market demands a lot from people. How is Francisco Bernabeu out of the workplace?

Francisco Bernabeu – I’m in love with Harley Davidson. I bought my first motorcycle at the age of 50 and it was simply a lifestyle and not the acquisition of a product. I realized a dream that was to buy a Harley to travel and live with great friends. I am currently part of the H.O.G. from Harley Davidson.

IT Portal – If you could change the world, what would you change?

Francisco Bernabeu – A world made by friendships and without interests. Free from violence.

IT Portal – mounted on a Harley Davidson, I imagine.

Francisco Bernabeu – definitely yes

Sabesp advances in Security through Managed Services

Applied solution submits own and third party systems to source code analysis for vulnerability detection; teams gained productivity after applications passed targeted corrections

Comprised of a wide variety of systems to serve various internal and external processes, Sabesp currently serves 367 municipalities in the State of São Paulo, benefits more than 27.7 million people with water supply and more than 21.4 million users with sewage collection. To protect the system from vulnerabilities and security flaws in software applications, the company announces the contracting of managed services from Nalbatech. The project is supported in the use of the bugScout platform.

“With managed services for application security, we increase the efficiency of our work, allowing us to comply with the company’s Information Security Master Plan,” says Daniel Bocalão, manager of the Information Security and Connectivity Department – (CIC) at Sabesp. The executive is responsible for the security of the corporate network, systems and services and information vital to the company’s business processes.

In internal systems development, NalbaTech monitors and supports the use of the bugScout solution, which detects security risks during the life cycle of software applications. When third parties, the company performs the analysis of source code to detect possible flaws and subsequent correction by the manufacturer. “The work is done by sampling, to reduce time and investment, and later on throughout the application. Suppliers are informed about the tests even before hiring and are then instructed to make the necessary corrections. The analysis of the entire source code of the application follows the pattern of use of these systems within the company ”, explains Bocalão.

In the field, the Internet of Things is already applied in devices and systems that collect in real time the data on water and sewage services delivered to the population, and which involves the identification of consumption, changes or deviations in the consumption pattern, potential for leakage , among many other variants, producing a large amount of data that needs to be protected. This account also includes administrative management, billing, CRM, asset control, supplies, HR and other systems, which pass the vulnerability tests required by the company.

The most found vulnerabilities

More than a thousand applications have already been analyzed, and the most common flaws in third-party applications are related to the exposure of sensitive information, weak encryption, violation of trust limits, basic errors in the source code, among others. “There is rarely any application on the market without finding a fault,” says Bocalão.

Increased user productivity

Security vulnerabilities are not the only ones identified. With errors in the source code, many systems become slow, significantly impacting the productivity of networks and teams. “We noticed a very big increase in productivity after the applications went through the corrections guided by bugScout”, says Bocalão. “With the maturity in the use of the solution, we also improved our internal processes and procedures”.