|
|
 |
| |
 |
| |
 |
Business Benefits: |
| |
 |
Affordable
one-time or monthly cost |
|
Reduced
risk of legal liability from security
breaches or illegal use of corporate systems |
|
Maintained trust from customers, suppliers, partners in
confidentiality of sensitive information and availability of
business-critical applications |
|
Avoidance of
lost productivity, revenue loss from downtime
of business-critical applications or
compromised corporate data |
|
|
IT Benefits: |
| |
|
Comprehensive,
prioritized reporting of internal and
external system vulnerabilities and
anomalous network and computer usage
patterns, with recommendations for
eliminating them |
|
Automated,
continuous on-site operation with minimal staff impact
and secure remote monitoring |
|
Flexible
scanning options & reporting periods
(one-time, semi-annual, quarterly, monthly) |
|
Liberation
of valuable IT staff time to focus on
other business-critical tasks |
|
|
Best Suited For: |
| |
|
Companies needing an initial benchmark of their vulnerability
to technology and personnel-based "social engineering"
attacks |
|
Organizations looking to complement or
refresh a prior security audit |
|
Corporate security managers wanting to
validate adherence to security policies and
procedures |
|
|
Technologies Employed: |
| |
|
Security
Scanning Appliance (SSA):
Installed safely behind the corporate
firewall and remotely managed via a secure
encrypted link, the SSA performs regular
on-site scans for known security
vulnerabilities, as well as continuous
capture, analysis and storage of actual
network flow information for identification
of suspicious traffic
patterns. |
|
Social engineering tests to evaluate the degree to which
a workforce is vulnerable to attacks which attempt to manipulate personnel into
divulging internal information or performing actions that compromise corporate
security |
|
Password audit tools to evaluate how resistant
end-user passwords are to being guessed or cracked |
|
|
Available Services: |
| |
|
One-time or
ongoing "vulnerability scorecard" of
strength of defenses associated with: |
|
 |
Logical
perimeter devices (routers, firewalls,
intrusion detection systems) |
|
|
End-user
security practices and procedures |
|
|
End-user
passwords used to access business-critical
resources |
|
|
Internal
network (wireline and wireless) and Internet
access infrastructure |
|
|
Internal
workstations, servers, and network devices |
|
Review, interpretation and prioritization
(in order of risk) of identified vulnerabilities |
|
Recommendation of strategies and tactics for
elimination or mitigation of identified vulnerabilities |
|
Design, implementation, and testing of
recommendations |
|
Delivery of end-user security awareness,
training programs |
|
|
|
 |
