 |
IAC SecureTech’s comprehensive approach
tests everything from physical access to evaluating
employee awareness of policy and
procedure. This approach finds unmitigated
risks that may not have been previously
exploited, but exist nevertheless.
|
|
|
|
IAC SecureTech’s Vulnerability Assessment provides its
clients with the most comprehensive report on the current
state of their information security. This baseline report will
serve as a living document from which our clients:
Prioritize network improvements
Assess policies and procedures
Plan system and process training
Review application development security architectures
A true vulnerability assessment consists of more than running
a couple of software tools against a network. IAC SecureTech's
comprehensive approach tests everything from physical
access to evaluating employee awareness of policy and
procedure. This approach finds unmitigated risks that may
not have been previously exploited, but exist nevertheless.
IAC SecureTech’s assessment is performed in context with
our client's business processes, because if a vulnerability
assessment’s recommendations are not aligned with your
processes, they are unusable.
In the process of securing a network, we often find it necessary
to first baseline the network and ensure that it exists in a
“normalized” state. This is especially true in scenarios where
no cohesive security model exists. In order to provide this
and to reduce the disruption to business processes we recommend
a triple pronged approach: detailed risk analysis,
penetration testing, and policy review and placement.
|
|
|
|
|
Penetration Testing
IAC SecureTech provides penetration testing that goes beyond
simple network scans. Our penetration testing is designed to
test policy and procedure awareness, internal architecture,
external information leakage, physical access issues, web
application security and several other areas.
Policy Review/Placement
Any healthy security infrastructure starts with policy and
procedure. IAC SecureTech works with its clients to develop
a comprehensive set of policies and procedures specific to
their business processes. IAC SecureTech also has regulatory
Security Policy templates (HIPAA, Gramm Leach Bliley,
Sarbanes-Oxley) available and works with your staff to adapt
them to your specific environment.
|
|
|
|
Deliverables
Exposure Evaluation
External Network View Report
Zero Knowledge Review Report
Information Leakage Report
Policy And Procedure Review Report
Internal Topography Report
Firewall Rules Report
ACL and Password Control Report
Physical Security Review Report
Penetration Testing
Internal Awareness Report
Virus Control and Containment Report
Attack Response Procedure Review
Social Engineering Report
Honeypot and Protocol Analyzer Review
Repair
Administrative Control Recommendations
Priority Sheet
Recommended Timeline
Implementation Costs and Considerations
Detective Control Recommendations
|
|
|
|
