ZIUR trains companies of Middle Urola on Pentesting
ZIUR, the Gipuzkoa industrial cybersecurity center, delivered a new training program at the Basazabal Palace in Azpeitia, aimed at IT managers and technicians from companies of Middle Urola. The working session, held in collaboration with the Iraurgi Berritzen Agency, focused on identifying vulnerabilities using pentesting tools, with the aim of strengthening active protection and the prevention culture of the seven participating companies.
Faced with the increase in cyberthreats, companies must analyze the systems that support their information management to assess the risks associated with their use. To facilitate this task, there are a series of methods and tools that allow for analysis known as penetration testing, intrusion testing, pen testing, or pentesting.
The working session, entitled "Vulnerability Analysis: Pentesting, Vulnerability Identification and Mitigation," began with a brief introduction to pentesting, led by ZIUR experts Iñaki Torrecilla and Markel Gómez. During the presentation, they demonstrated the benefits of this cybersecurity practice, which simulates attacks on computer systems, networks, or applications to identify vulnerabilities before cybercriminals exploit them.
Following this contextualization, Iñaki Torrecilla, ICS Security Architect at ZIUR, and Markel Gómez, cybersecurity analyst at the Foundation, presented various pentesting tools such as "Nessus" and "Pentera," which they subsequently used to conduct a practical exercise. Finally, they led an open discussion of the results.
The event also featured the experiences of José Luis Grajera of Ibarmia and Juan Mari Calleja of Biele, representatives of two companies located in the region, who shared their experiences and best practices in the application of pentesting.
Following this session, a networking space was set up to promote the exchange of experiences among attendees. In this way, knowledge, projects, and best practices being developed by companies in the region in this area were shared.
This event, the fourth in 2025, is part of the Ikasiz program, which consists of an annual series of sessions aimed at promoting the training of ICT managers in the region's companies, digitalization, and new technologies through collective learning processes. To this end, workshops are organized with experts and based on the exchange of experiences on topics prioritized by the working group. Each company also has the opportunity to implement a practical project.