Cyber Security Test Lab

We operate as an accredited cybersecurity testing laboratory, audited and monitored by the Hungarian National Accreditation Authority. Its analysis shows that our operations comply with the international standard ISO/IEC 17025:2017, which specifies the general requirements for the competence of testing and calibration laboratories and is regularly reviewed. During these visits, the Accreditation Authority verifies our results, methods, and documentation, and also reviews our overall activities and our experts as external inspectors. The renewal of accreditation demonstrates to our partners that we are credible, and reliable and deliver quality work in our partnerships.

Recommended services

Laboratory testing of software products

We audit our clients' solutions and systems based on international methodologies for laboratory testing of software products. To detect this, we examine the architecture, the implementation capability, and the security features of the software. We even dig deeper down to the source code level to uncover the smallest details.

For the security functions, we check the appropriateness of their selection, the depth of risk identification, the definition of security requirements, and their implementation. Our measurements and tests follow, among others, the OWASP and ISO/IEC 15408 guidelines, in order to assess our partner's software products according to standardized, internationally recognized methods.

Characteristic tested/measured, type of test, measurement range
Identifier of test/measurement method

Application and mobile vulnerability

OWASP Testing Guide

OWASP Application Security Verification Standard

OWASP Mobile Security Testing Guide

OWASP Mobile Application Security Verification Standard

Software security

Evaluation Assurance Level 2-4

ISO/IEC 15408

ISO/IEC 18045

Security of electronic signature software products

ETSI TS 119 101

NIST SP 800-53A

Cryptographic security

Security Level 1

ISO/IEC 19790

ISO/IEC 24759

Laboratory testing of information technology systems

Our approach to the analysis of IT systems is very similar to the methodology used for the laboratory-level analysis of software products. We examine the architecture of the IT systems, the security settings, and whether the security systems used have been properly selected, implemented, and configured.

This includes a full audit of security processes, from checking their compliance to auditing role configuration and process specifications.

Characteristic tested/measured, type of test, measurement range
Identifier of test/measurement method

Information security

Level low, moderate, high

NIST 800-53

NIST SP 800-53A

System security

Security class 1-5

41/2015 (VII. 15) BM Decree

NIST SP 800-53A

Electronic signature systems

ETSI TS 119 101

MSZ EN 419241-1

NIST SP 800-53A

Digital archiving in an electronic system

ETSI TS 119 511

Laboratory testing of industrial systems

Industrial systems are tested at the laboratory level using the international NIST SP 800-53A and NIST SP 800-82 system safety measurement methods. We test the architecture and configuration of industrial components and systems and also perform a full analysis of the adequacy and status of the security systems in place, the roles set, and the process specifications. During the audit, ICS, DCS, and SCADA systems are also audited.

While the ICS is capable of monitoring a wide range of infrastructure and raw material systems, the DCS is a system that links controllers, sensors, operator terminals, and control elements. In addition to these, SCADA (Supervisory Control and Data Acquisition) is a system architecture for managing large and complex processes. SCADA systems are typically found in utilities, such as natural gas and electricity transmission, where control functions are distributed over a large geographical area.

Characteristic tested/measured, type of test, measurement range
Identifier of test/measurement method

System security

NIST SP 800-53A

NIST SP 800-82

Impartiality and independence

As the CEO of Alverad Technology Focus Kft., I declare that Alverad Technology Focus Kft. Cybersecurity Testing Laboratory does not provide any consulting services in connection with or related to product testing, auditing, monitoring or surveillance.

All employees of the testing laboratory are free from any political, economic, commercial, financial or other influence that could affect their testing and inspection activities or their results.

The owners of Alverad Technology Focus Ltd. do not interfere with the professional, testing and auditing activities of the Cybersecurity Testing Laboratory. Alverad Technology Focus Ltd does not receive any regular financial support from external sources.

Alverad Technology Focus Kft. Cybersecurity Testing Laboratory provides its services to all its clients and customers equally and without discrimination. The procedures and regulations applied shall be based solely on professional and legal criteria and shall not unduly restrict the possibilities of the requesting client.

The Cybersecurity Testing Laboratory shall operate as an autonomous entity, free from any internal or external influence, with its own appointed leader, whose professional independence is guaranteed in all respects. As the CEO of Alverad Technology Focus Ltd., I continuously monitor and evaluate compliance with impartiality and non-discrimination.

Hinkel Attila


Integrated Governance Policy

The management and all employees of Alverad Technology Focus Ltd. are fully committed to the fulfillment of
  • Quality Management System according to MSZ EN ISO 9001:2015
  • ISO/IEC 27001:2014 and the Information Security Management System, and
  • MSZ EN ISO/IEC 17025:2018 accredited cyber security testing laboratory
and the continuous improvement of standards-based operations.

Alverad 360° security management

Independent, integrated professional partner

360° security management

Our service portfolio is designed to provide a one-stop shop to help you solve our partners' cybersecurity challenges. We take a systemic and complex approach to security, identify gaps, jointly develop solutions and support their implementation!

Independent professional support

As an accredited cybersecurity testing laboratory, our expertise is strictly professional, and impartial. We do not represent any vendors, we are product-independent and we only focus on the security interests of our partners. We continuously develop the professional skills of our staff, keeping them up to date with the latest cybersecurity developments.

Long-term, integrated partnerships

In our work, we strive for flexible and constructive cooperation, in cooperation with our partners. Our aim is to understand their security objectives, and organizational, operational, and technological specificities and develop unique, site-specific, forward-looking solutions. In this way, we can support our partners in their security ambitions with the efficiency of an external and internal partner.

As a business, we regularly analyze our operational and security risks, set and implement targets to maintain confidentiality, integrity, and availability of the information we hold or create, and the continuity of our operations.

This Governance Policy is published for all employees, customers and stakeholders of the organization.