FAQ : Audits
What areas does the cybersecurity analysis cover?
The analysis covers 5 priority areas for SMEs:
- Network: firewall configuration, remote access (VPN), segmentation.
- Website: SSL/TLS, security headers, common vulnerabilities (OWASP Top 10).
- Authentication: password policy, MFA, administrator access management.
- Training: level of team awareness on phishing (91% of cyberattacks start with an email — Proofpoint 2024).
- Data: classification of sensitive data, nFADP compliance.
Depending on your needs, the analysis can focus on one or more specific areas.
What benefits do companies gain from a network audit?
Optimized performance, reduced vulnerabilities, and service continuity. You'll have a network that is both reliable and scalable.
What certifications guarantee Bexxo's reliability?
Bexxo / Tesweb SA holds three key certifications: the CyberSafe Label, recognising companies committed to a proactive cybersecurity approach; the Swiss Label, a certification from the Swiss Union of Arts and Crafts (sgv) guaranteeing 100% Swiss anchoring of products and services (founded in 1917, centenary celebrated in 2017); and a federal clearance allowing intervention in classified environments — the highest level of rigour in confidentiality.
What do you receive at the end of the analysis?
At the end of the exchange with the Bexxo expert, you receive by email a personalized PDF report including: (1) a summary of the risks identified by area, classified by criticality (high/medium/low); (2) a prioritized action plan with the measures to implement first; (3) recommendations adapted to the size and sector of your company. You can view an example report via the link below. This report can be used as a basis for your internal audits or presented in the event of an nFADP inspection.
What is Bexxo's free cybersecurity analysis?
Bexxo's free cybersecurity analysis is a personalized assessment of your company's security posture, carried out free of charge and without commitment by a Bexxo expert. In a 30-minute exchange, we assess your risks across 5 areas: network infrastructure, website, access management (MFA authentication), team awareness on phishing, and classification of sensitive data. You then receive a written PDF report with the identified vulnerabilities and a prioritized action plan — identical to the report given to our paying clients.
What is Bexxo?
Bexxo is the cybersecurity division of Tesweb SA, a Swiss company founded in 2006 in Ins (canton of Berne). Launched as a distinct and protected brand in 2023, Bexxo supports SMEs in French-speaking Switzerland with security audits, penetration tests, anti-phishing training and vulnerability monitoring. Certified with the Swiss Label and CyberSafe Label, we guarantee 100% Swiss services.
What is a network audit?
It is a diagnostic assessment of the architecture and configurations of your infrastructure (routers, firewalls, switches, etc.) to identify potential security vulnerabilities or bottlenecks.
What is a network security audit?
A network security audit is a systematic assessment of a company's IT infrastructure: device mapping, traffic analysis, verification of firewall rules, remote access (VPN) and network segmentation. It is carried out in accordance with ISO 27002 and NIST CSF standards and produces a vulnerability report classified by criticality with a prioritised action plan. At Bexxo, our audits cover 10 to 20 control points depending on the chosen package.
What is a network security audit?
A network security audit is a systematic assessment of a company's IT infrastructure: active equipment (routers, switches, firewalls), segmentation, communication protocols, access management and encryption levels. At Bexxo, our audits reveal on average 3 to 5 critical vulnerabilities per SME infrastructure.
What is a web cybersecurity audit?
A web audit involves an in-depth analysis of the vulnerabilities of a website or online application: penetration testing, source code review, server configurations, etc.
What is a web security audit?
A web security audit is a methodical assessment of a website designed to identify exploitable vulnerabilities (SQL injections, XSS, CSRF, misconfigurations) and verify compliance with ISO 27001 and NIST CSF standards. At Bexxo, our audits cover 10 to 20 control points depending on the chosen package.
What is a website security audit?
A website security audit is a methodical examination of a website's vulnerabilities: application flaws (OWASP Top 10), SSL/TLS configuration, HTTP security headers, access management and compliance with ISO 27002 and NIST CSF standards. It produces a report with a list of flaws classified by criticality and a prioritised action plan. At Bexxo, our audits cover 10 to 20 control points depending on the chosen package.
What is the difference between Bexxo and Tesweb SA?
Tesweb SA is the legal entity founded in 2006, which operates two areas of expertise: SOS Data Recovery (data recovery, leading Swiss service) and Bexxo (cybersecurity, brand launched in 2023). Bexxo is a registered and protected brand dedicated exclusively to digital protection for businesses. This dual expertise — data recovery and protection — represents a unique positioning in Switzerland.
What is the difference between White Box, Grey Box and Black Box for a network?
White Box provides access to network diagrams and configurations (most comprehensive, ideal before ISO certification). Grey Box simulates an employee or contractor with partial VPN access (most balanced for SMEs). Black Box tests from the outside with no prior knowledge, like a real attacker. Bexxo recommends Grey Box as the standard for SMEs.
What is the difference between White Box, Grey Box and Black Box?
White Box analyses the source code and internal architecture (most comprehensive). Grey Box simulates a user with partial access (most balanced for SMEs). Black Box tests from the outside with no prior knowledge, like an attacker (most realistic). Bexxo recommends Grey Box as the standard for SMEs.