Security Risk Assessment Services
Security Assessment services will help you develop an understanding of your current capabilities; identify likely threats and the potential vulnerabilities in your security strategy, helping you to develop an organisation that is resilient to cyber threats.
Firewall Rule Review
When a firewall is initially installed, it should be tested to ensure it is operating as required. Over time, if left unchecked, firewall can often be weakened by temporary rule changes being left unresolved and additional rule complexity creating unforeseen gaps. Reviewing firewall rules every 6 months ensures gaps are discovered and remedied. This is also a PCI requirements (1 and 6).
Network Assessment
Methodic assessment of network security, including patch levels for mainstream and bespoke applications, backup software, which when compromised can provide unexpected high levels of access to a network.
Wireless Audits
Anyone can see the network and therefore, attempt to access it. With Wireless network security assessments can be used to test authentication methods.
Identify what wireless access points are on their network and ensure they are correctly configured with encryption and authentication.
Architecture Review
An architecture review offers significant value in ensuring the client has up-to-date documentation and that the logical design is secure and robust.
Database Audit
Databases hold critical and sensitive data. An audit goes beyond checking patch version and network scan. Service provides a comprehensive audit of common databases (Oracle, SQL server, etc), to find configuration and schema weaknesses that might result in data loss or put data integrity at risk.
Server Forensic Audit
A deep assessment of a single host. Consultant will extract data (registry, log data, etc) central to the functioning and configuration of the server. Report produced identifies weaknesses and make recommendations for improvements.
Information Security Assessment Services
|
|
- CESG Check IT Health Check
- Wireless 802.11x Assessments & Rogue Access
Application Build Review
- Firewall Rule Base Audit
- Client Security Testing (kiosks, workstations, laptops, mobile devices)
- War-Dialling
- Information Security Reviews
- VPN / RAS Architecture Review
Social Engineering
Allows you to test the effectiveness of your security awareness training program, or lay the foundation for creating one.
- Telephone Based Social Engineering
- Physical Social Engineering
- Phishing Email and Click
Brand Attack & Privacy Services
Review and test both corporate resistance to targeted attacks on users and your Corporate Public Profile.
Computer Forensics and Incident Response
- Forensics Analysis
- Information Security Incident Management
- Secure Data Recovery & File Password Cracking
Compliance, Risk and Audit
|
|
Automated Vulnerability Assessment
Benefit from on-going automated vulnerability assessments:
Vulnerability scanning provides you with the assurance that your infrastructure is being scanned at regular intervals. All results are again verified to ensure that you are only alerted where a potential issue exists, false positive findings are removed by the dedicated Managed Services team. Scans can take place monthly, quarterly or on an adhoc basis with all parameters agreed in advance.
- External & Internal Network Scanning
- PCI ASV Compliant
- Ad-hoc or Pre-Programmed Regular Scans
- Highly Granular Scanning Runs
Security Awareness Workshops
- Secure Coding Workshop
- Social Engineering Workshop
- PCI DSS Workshops
- Information security workshops
Physical Security
- Building Access Security Audits
- Facilities Management System Reviews
- CCTV Control Reviews