|
In the past
6 months, the number of unwanted Internet intrusions have nearly
doubled. Moreover, the FBI’s survey of crime and computer
security showed that even though the vast majority of enterprises
have intrusion detection systems, 40% of them still reported that
their systems had been penetrated.
Polar Cove assesses and tests all
of the components of each client’s security system. Useful
reports to management cover specific weaknesses, vulnerabilities,
and critical fixes.
Enterprise-wide information systems
are necessarily complex. Security defenses for those systems need
to be equally sophisticated. Gaps can develop anywhere, whether
through known vulnerabilities or inadvertent mistakes. Polar Cove
identifies the holes before the hackers do, helps clients fix the
problems, and monitors operations for continued reliability.
Each assessment is customized
to fit each client’s needs and enterprise architecture. Each
system component – firewalls, routers, applications, intrusion
detection system, etc. – is evaluated. Clients can select
one or more testing area for an engagement. Or, for maximum business
assurance, the entire IT and physical systems can be combined in
a comprehensive evaluation.
Management gains insight
into the policies and practices that are needed for intrusion protection.
Operational staff benefits from specific recommendations for increasing
enterprise security.
Vulnerability Assessment Includes:
- Reviewing network security
architecture and design in order to determine how they protect
critical business assets.
- Assessing the architecture components
through testing and analysis of intrusion points.
- Testing and analyzing the individual
security components to see how they impact on security and vulnerability.
- Probing for vulnerabilities and ability
to gain unauthorized access to critical functions.
- Prioritizing the next steps, based
on an acceptable balance between the risks from real vulnerabilities
and the costs and benefits of their remediation.
At several points in the engagement,
Polar Cove provides specific reports that describe the strengths
and weaknesses uncovered in each tested area. Recommendations from
Polar Cover vulnerability assessments include both tactical and
strategic options, as well as both immediate and longer-term steps
and resolutions.
Vulnerability Assessment Testing Areas:
Internet Security
• Network Surveying
• Port Scanning
• System Identification
• Services Identification
• Vulnerability Research
• Internet Application Testing
• Router Testing
• Firewall Testing
• Intrusion Detection System Testing
• Trusted Systems Testing
• Containment Measures Testing |
Information Security
• Document Grinding
• Competitive Intelligence Scouting
• Privacy Review
Social Engineering
• Request Testing
• Guided Suggestion Testing
• Trust Testing
Wireless Security
• Wireless Network Testing
• Cordless Communications Testing
• Privacy Review |
Communications
Security
• PBX Testing
• Voicemail Testing
• FAX Review
• Modem Testing
|
Physical Security
• Access Controls Testing
• Perimeter Review
• Monitoring Review
• Alarm Response Testing
• Location Review
• Environment Review
|
Download
this text as PDF
[ Back to Top ] |
