Certifications
We hold the following certifications
- Offensive Security: OSCE, OSWE, OSWP, OSCP
- EC-Council: ICS-SCADA Cybersecurity, ECSA, CEH, CHFI, ECIH, CEI
- Others: ISO 27001 Lead Auditor, CREST CRT (CREST Registered Penetration Tester), CREST Practitioner Security Analyst
- Cisco CCNA, CCNA Security, CCAI, CCNP Routing, CCNP Switching
- VMWare vSphere Install, Configure, Manage, Microsoft Certified Technology Specialist (MCTS/MCP 70-642), Advanced Linux & INFOSEC
Over 18 Years of Cybersecurity Experience
With over 18 years of industry experience, we have become a trusted partner for cybersecurity training and penetration testing services, educating over 150,000 online students and more than 1,500 face-to-face students.
Customers
Our cybersecurity training and penetration testing services have already been trusted by over 90 satisfied customers in over 40 countries.
Ethical hacking and IT Audit
We are focused on ethical hacking and IT Audit – deliberately challenging IT security assumptions, strategies, and protective methods for vital assets and information by emulating an adversary. We scan for and attempt to exploit a wide variety of vulnerabilities in data center infrastructure and applications, following defined rules of engagement and attack scenarios (ethical hacking). We provide actionable recommendations to address identified security weaknesses and report on all activities and findings.
Internet penetration testing (black box / white box testing)
We perform comprehensive internet penetration testing (black-box and white-box) and conduct thorough code reviews (manual and automated). We use a variety of testing tools—such as NetBIOS scanning utilities, network ping tools, packet crafting and analysis software, and port scanners—to perform comprehensive vulnerability assessments. Furthermore, we perform analysis and testing to verify the strengths and weaknesses of Web Applications and Web Services (SML, SOAP, WSDL, UDDI, etc.). Perform analysis and testing to verify the strengths and weaknesses of a variety of operating systems, network devices, web applications, and security architectures. We assist in developing remediation plans for any identified findings. We customize, operate, audit, and maintain security-related tools and applications.
Services
Check Out Our Services
Cybersecurity Training and Awareness
We offer a vast portfolio of courses, created by our professionals or by well-recognized companies in the IT industry. Furthermore, we offer cybersecurity awareness training for your employees to help them stay safe and secure together with our partner Awakeness.ai
Penetration Testing
A penetration test is an authorized security assessment that simulates a malicious hacker’s attack to identify vulnerabilities.
Web Security Assesment
The aim of this assessment is to determine whether any vulnerabilities exist in a given web application that provides internal or client-facing services.
Audit, Risk and Compliance
We meet and exceed compliance standards required in many industries—such as GDPR, NIS2, HIPAA, MiCA, DORA and PCI DSS—while also following cybersecurity best practices like ISO 27001 and NIST guidelines.
Wireless and Mobile
The aim of this assessment is to determine if any vulnerabilities can be exploited through wireless networks or mobile devices.
Security Consulting Services
We deliver world-class cybersecurity expertise and experience to provide you with comprehensive information security solutions.
LLM / AI Pentest
We harden LLM-powered assistants and AI copilots through prompt-injection, model-safety, and data exfiltration assessments.
AI & Human Risk Management
Align cyber awareness with DORA, NIS 2, and AI governance.
Our AI-enabled human risk management framework combines continuous phishing simulation, adaptive micro-learning, and LMS analytics to reduce social engineering exposure. We map behaviors to DORA and NIS 2 control objectives, ensuring every employee and vendor touchpoint is auditable.
Through Awakeness.ai, we correlate phishing simulation outcomes with compliance gaps and generate prioritized remediation plans that extend into our custom security trainings.
Program Highlights
- AI-driven human risk scoring with executive dashboards.
- Automated cyber awareness training pathways and LMS enrollment.
- Control mapping for DORA ICT risk, NIS 2 Annex I, and ISO 27001.
- Audit-ready evidence for internal, external, and regulator reviews.
Phishing & Spear Phishing Simulation
Measure, coach, and certify resilience across global teams.
Spear Phishing Coverage
We build bespoke spear phishing campaigns that emulate brand impersonation, credential harvesting, VIP targeting, and cloud admin takeovers. Reports flow directly into our LMS learning management system to trigger precise follow-up lessons.
Red-team style attacks can be paired with penetration testing engagements for a combined human and technical picture.
- Adaptive difficulty to keep advanced users challenged.
- Localization across EN/RO and additional languages on request.
- Automated reminders, phishing drill calendars, and policy attestations.
- Google Workspace and Microsoft 365 safe payload testing with audit trails.
Cloud & Crypto Pentest Audit
Penetration testing for multi-cloud, Web3, and regulated workloads.
Cloud Pentest
Azure, AWS, and Google Cloud pentests include configuration drift analysis, IAM abuse paths, and container breakout attempts mapped to CIS benchmarks.
Crypto Pentest
Smart contract and crypto custody audits detect flaws in key management, governance, and liquidity protections, pairing manual review with automated fuzzing.
DORA & NIS 2 Ready
Findings are prioritized by operational resilience impact, offering remediation playbooks and evidence packages for auditors, supervisors, and board updates.
LLM / AI Pentest Methodology
Hands-on validation for copilots, assistants, and autonomous agents.
We execute a structured playbook: enumerate LLM entry points, craft targeted prompt-injection chains, simulate data exfiltration, and fuzz tool/agent actions. Findings are benchmarked against the OWASP LLM Top 10 (prompt injection, model bias, supply-chain tampering, data leakage, insecure output handling, and more) and mapped to EU AI Act, NIS 2, and DORA evidence requirements.
The deliverable contains reproducible attack traces, prioritized fixes for guardrails, retrieval pipelines, and plugin integrations, plus monitoring guardrails to keep new releases aligned with the same controls.
Schedule an AI PentestLMS Learning Management System Enablement
Deliver cyber awareness training at scale with measurable impact.
Our LMS deployment services cover content migration and regulatory audit logging. Dashboards highlight course completion, phishing resilience, and human risk KPIs so leadership can prove ongoing compliance.
Plug the LMS into penetration testing remediation plans and DORA testing cycles to keep every ICT control owner accountable.
Included Services
- Turnkey onboarding and single sign-on configuration.
- Custom cyber awareness learning paths per department.
- Automated certificate issuance and expiry tracking.
- Dashboards for DORA Article 11 reporting and NIS 2 KPIs.
FAQ
Answers for CISOs, auditors, and compliance teams.
How does ITUniversity.ro support DORA operational resilience testing?
We align penetration testing, phishing simulations, and LMS governance with DORA ICT risk management guidelines, delivering evidence packages ready for competent authorities.
Can phishing simulations integrate with our LMS learning management system?
Yes. Spear phishing outcomes automatically enroll learners in targeted modules, and completion data is pushed back into your LMS dashboards.
Do you cover crypto pentest and cloud pentest audits under the same engagement?
We can scope multi-cloud, on-prem, and crypto audits together, sharing threat intel, remediation workshops, and compliance reporting.
What reports are provided for auditors and regulators?
Engagements include executive summaries, technical findings, human risk metrics, and control-mapped action plans for DORA, NIS 2, ISO 27001, and PCI DSS together with our partner Omnient
Contact
Contact Us
Location:
Floreasca 169, Bucharest, Romania
Email:
contact@ituniversity.ro
Call:
+40 724 485 985