Computer, Network and Information Security Consulting Services
› return to original page


Vulnerability Assessment

In the past 6 months, the number of unwanted Internet intrusions have nearly doubled. Moreover, the FBI’s survey of crime and computer security showed that even though the vast majority of enterprises have intrusion detection systems, 40% of them still reported that their systems had been penetrated.

Polar Cove assesses and tests all of the components of each client’s security system. Useful reports to management cover specific weaknesses, vulnerabilities, and critical fixes.

Enterprise-wide information systems are necessarily complex. Security defenses for those systems need to be equally sophisticated. Gaps can develop anywhere, whether through known vulnerabilities or inadvertent mistakes. Polar Cove identifies the holes before the hackers do, helps clients fix the problems, and monitors operations for continued reliability.

Each assessment is customized to fit each client’s needs and enterprise architecture. Each system component – firewalls, routers, applications, intrusion detection system, etc. – is evaluated. Clients can select one or more testing area for an engagement. Or, for maximum business assurance, the entire IT and physical systems can be combined in a comprehensive evaluation.

Management gains insight into the policies and practices that are needed for intrusion protection. Operational staff benefits from specific recommendations for increasing enterprise security.

Vulnerability Assessment Includes:

  • Reviewing network security architecture and design in order to determine how they protect critical business assets.


  • Assessing the architecture components through testing and analysis of intrusion points.


  • Testing and analyzing the individual security components to see how they impact on security and vulnerability.


  • Probing for vulnerabilities and ability to gain unauthorized access to critical functions.


  • Prioritizing the next steps, based on an acceptable balance between the risks from real vulnerabilities and the costs and benefits of their remediation.

At several points in the engagement, Polar Cove provides specific reports that describe the strengths and weaknesses uncovered in each tested area. Recommendations from Polar Cover vulnerability assessments include both tactical and strategic options, as well as both immediate and longer-term steps and resolutions.

Vulnerability Assessment Testing Areas:

Internet Security
• Network Surveying
• Port Scanning
• System Identification
• Services Identification
• Vulnerability Research
• Internet Application Testing
• Router Testing
• Firewall Testing
• Intrusion Detection System Testing
• Trusted Systems Testing
• Containment Measures Testing		 Information Security
• Document Grinding
• Competitive Intelligence Scouting
• Privacy Review
Social Engineering
• Request Testing
• Guided Suggestion Testing
• Trust Testing
Wireless Security
• Wireless Network Testing
• Cordless Communications Testing
• Privacy Review
Communications Security
• PBX Testing
• Voicemail Testing
• FAX Review
• Modem Testing
 Physical Security
• Access Controls Testing
• Perimeter Review
• Monitoring Review
• Alarm Response Testing
• Location Review
• Environment Review

 


© 2006     Polar Cove