Information Security Assessment

An Information Security Assessment is a professional services consulting engagement with the specific goal to examine and review the existing network security vulnerabilities and risks inherent in a client’s environment. The review concentrates on establishing a “snap-shot” of the current network architecture and network security vulnerabilities, the current security posture, in-place security controls, documented corporate policies, day-to-day procedures in use, and the functional implementation of security capability.  Two essential elements of a successful assessment are penetration testing and vulnerability assessments. Our Information Security Assessment addresses three basic environmental components – network security, business risk/compliance, and IT operations.

Penetration Testing

Penetration Testing is an authorized engagement to attack the client’s network environment with the express purpose to defeat the in-place security mechanisms and controls thereby gaining access to the network, connected servers/hosts, websites, voicemail and networked systems.  It is focused on testing your computers/servers connected to the Internet, not just your web site.  Our certified hacking analysts explore your connections to the Internet checking for vulnerabilities and potential “holes” that could be used by hackers to gain access to your internal environment. By reviewing your Internet presence, we can identify and minimize the impacts to your business. Over 100 typical sneak paths into your network are checked and analyzed.

Your Internet-facing external network is reviewed and examined with the latest vulnerability scanners, both purchased and open source, following industry best practices and techniques to identify potential vulnerabilities and security-related conditions. Scanning targets include web, FTP, and other servers; firewalls and VPN devices; and other typical Internet-facing network equipment.  Web portals, e-commerce applications, online ordering/billing processes, customer interfaces, hosted web email, and other potential conduits are all examined during our penetration testing activities. Examination of your online presence allows for the identification and mitigation of potential issues and vulnerabilities before their exploitation causes harm to your operations.

Network Security Health Check

Your network is the heart and soul of your daily operations, customer satisfaction, and revenue generation.  With a thorough understanding of your business objectives, we can help you ensure that your technology investment not only satisfies your current needs, but is strategic to your business growth and continued success.

The purpose of the Network Security Health Check is to assess the security and health of the your network.  This activity focuses on the following items:

• Assessing the security at the core, distribution, and access layers
• Assessing the security of services such as IP Voice, IP Video, and Email
• Verifying the proper implementation and configuration of controls necessary to protect services from unauthorized use and information from unauthorized disclosure
• Evaluating the existing design architecture and configuration of the network in accordance with “industry best practices” to include such things as high availability, separation of services, Quality of Service, etc.

Firewall Configuration Technical Analysis

An improperly configured firewall effectively negates any cybersecurity protection expectations.  Firewalls are the first line of defense in providing security and protection to a corporate network.  A single keystroke error, an unpatched OS, or some other simple error can often lead to a compromise.  Make sure your firewall is doing what you expect it to do to protect your network.

Our Firewall Configuration Technical Analysis provides an in-depth technical review of your existing firewall rule set, an identification of potential shortcomings and possible errors, and recommendations to correct and mitigate these problems.  Our detailed Technical Analysis Report identifies misconfigurations of rule sets, corrective recommendations, and references/resources.

Website Security Check

Risk of unauthorized access to your web site and its compromise can lead to disclosure of sensitive data (corporate and customer), defacement resulting in corporate embarrassment, and potential access to your internal network.

Dynetics’ Website Security Check and analysis is designed to minimize your risk of web site compromise and potential disclosure of sensitive information.  This 3- to 5-day effort conducted from our office focuses on your web site and checks for the Top 20 Web Site Vulnerabilities commonly used by hackers.  Our Website Security Report contains analysis results, vulnerabilities identified, status information, and mitigation actions.